I have an application that currently authenticates to a mailbox in Microsoft 365 without any multi-factor authentication (MFA). However, MFA is about to be enabled for that mailbox, which will break the current direct login method the app uses. With app-specific passwords being deprecated, what's the best approach to ensure the app still has access?
2 Answers
You might consider using Microsoft Graph API for authentication. Alternatively, services like SMTP2Go could help with sending emails without dealing with MFA issues.
Does your app support IMAP or POP? You could set up 365 to forward emails from that mailbox to a local mail server (like Postfix or IMAPD) either on-premises or in a cloud environment (such as EC2 or Google Compute). This way, your app can fetch the required emails from the local mailbox that doesn’t need MFA.
That's a solid idea! Forwarding to a local server that doesn’t require MFA sounds like a plan. Appreciate the suggestion!
I wouldn't recommend this approach. It might create more security risks and complicate things unnecessarily.