What is Modern Authentication?
Microsoft has implemented Modern Authentication, a new, more secure means of authenticating users who sign into Office 365 applications, such as Microsoft Outlook or Exchange Online. The simplest way to explain this upcoming transition is by comparing the process to how we access physical locations around campus.
We used to carry keys for every exterior and interior door we needed to access, but those keys could easily be stolen or shared and there was no easy way to guarantee that the person using the key was the person who was approved for access to that location. This is how Basic Authentication works. When you connect using an email client with Basic Authentication, you are only required to enter your VUID credentials when launching your email.
To better secure access to exterior and interior doors around campus, we now require you to use your Wildcard, which includes your photo and allows people to validate your identity and ensure that you are the person who has been granted access to a particular location. In the event it is ever stolen, your Wildcard can be immediately disabled by the Wildcard team and a new one can be issued for you. This is how Modern Authentication works. When you use email with Modern Authentication, it uses your VUID credentials (and if off-campus, DUO multifactor) to generate a token which can be revoked immediately by UNIT personnel if your credentials are ever lost or stolen.
When will this change happen?
The ability to use Basic Authentication for Office 365 applications will cease on November 30, 2022.
* If you are using basic authentication, you will begin receiving weekly targeted emails on the week of October 3, 2022 with more details.
Who will this change impact?
Any Villanova faculty, staff, student, or affiliate using Microsoft Office 365 for email should be aware of this change. While a majority of the campus community are already running modern email clients that use Modern Authentication by default, there are still some legacy email clients and applications that will be impacted by this change.
If you are using basic authentication or legacy protocols, you will begin receiving weekly targeted emails from the UNIT Service Desk (support@villanova.edu) starting the week of October 3, 2022. These emails will provide more details. If you do not receive any emails, it is likely that you are already utilizing a modern email client.
Why is this change needed?
As technologies advance, so do their underlying protocols and coding. Basic Authentication for Microsoft Office 365 uses old and outdated (legacy) protocols. These legacy protocols have several security-related vulnerabilities which make them indefensible and unsustainable, so Microsoft has chosen to decommission them in favor of the new Modern Authentication requirement.
How can I tell if I am using or can use Modern Authentication?
The use of legacy vs. modern authentication depends on your email client’s capabilities. You can use modern authentication, in many cases, by updating your client application or changing to an alternative client application.
Please Note: If you are using an iOS device, you may need to follow these instructions to remove and re-add your email account within the Mail App.
Microsoft has provided a few different ways to tell if you are currently using Modern Authentication with your email clients.
Are you using an approved email client?
Please refer to UNIT's list of approved email clients to ensure you are able to use Modern Authentication.
Are you using DUO multifactor authentication for email?
Are you prompted to use DUO multifactor authentication (see image below) when you log into your email client from off-campus? If you are, it is likely that you are using an email client that supports Modern Authentication.
What does the login prompt for your email client look like?
When you log into your email client, the sign-in screen that appears and prompts you to enter your VUID credentials will indicate whether or not your client is using Modern Authentication.
If you see the sign-in prompt below, you are likely using Modern Authentication.
If you see the prompt below, you are likely NOT using Modern Authentication, and you will need to upgrade or change the email client you currently use before October 31, 2022.