Effective August 1st, 2022, CUNY CIS has disabled M365 Basic Authentication for all CUNY accounts.
What this means is that older clients and methods of access to the CUNY M365 environment (this includes faculty/staff email through the “CUNY tenant” and all student access to M365 including baruchmail.cuny.edu) no longer work. This change is necessary both to improve security of the M365 environment and allow for the enforcement of multifactor authentication (which was previously enabled for student accounts and will be enabled for faculty and staff accounts shortly.)
Among other things this affects it affects people who are using the Gmail POP3 importer. Gmail has not updated this interface to use modern authentication, and if they do not before October 1st 2022 when Microsoft will completely disable basic authentication for all Microsoft accounts it will stop working for everyone. Users who are affected can read their CUNY email via the web client, the native M365 support in iOS and Android (both of which support modern authentication), the Outlook client (for Mac, Windows, iOS or Android), or any other application that supports modern authentication (also known as OAuth) for POP or IMAP. POP and IMAP access is still enabled when modern authentication is used.
This change is necessary because of the high number of compromised accounts we have seen. If you have received messages from a CUNY address that are scams (these are often employment scams) you know the impact of having accounts that are easily compromised. Enabling modern authentication both reduces the likelihood of this occurring and allows us to fully enforce multifactor authentication which further reduces the chance of account compromise.
Please note that basic authentication was already disabled for faculty and staff M365 accounts in June.