Microsoft is retiring SMTP Basic Authentication — what you need to know
Microsoft is making another important change to improve email security, and it could affect the way your business scans, shares, and sends documents.
From March 2026, Microsoft will begin retiring Basic Authentication for SMTP (Simple Mail Transfer Protocol) in Exchange Online, with the full change taking effect by April 2026.
If your Toshiba devices, scanners, or systems send emails using stored usernames and passwords, this change could interrupt key features — particularly Scan-to-Email and automated notifications.
What’s changing
SMTP Basic Authentication has been used for decades but is no longer secure enough for today’s cyber threats. It relies on static credentials that can be easily compromised. Microsoft is replacing it with Modern Authentication (OAuth 2.0) — a safer, token-based method that supports multi-factor authentication (MFA).
It’s a positive move for security but it means that older devices and setups may need updates to keep email workflows running smoothly.
What happens if you don’t act
If your devices or applications still use Basic Authentication after it’s retired, they’ll no longer be able to send emails through Microsoft 365. This could mean:
- Scan-to-Email jobs could fail
- Email notifications, such as toner alerts, may not send
- Routine workflows like approvals could be delayed
Because these changes happen on Microsoft’s end, issues won’t appear until the switch occurs. Early preparation is key.
How to prepare your Toshiba devices
Here are the steps to ensure your email workflows continue uninterrupted:
- Review your setup – Identify which Toshiba devices or systems send emails and how they’re configured.
- Check Microsoft 365 reports – Admin users can view SMTP Auth activity to see which accounts still use Basic Authentication.
- Update your devices – Firmware updates often enable modern authentication support. If so, you’re good to go.
- Explore alternative solutions – Options include:
- Microsoft Graph API and MFP device apps for modern apps and services to send email securely.
- Optional Scan Apps for devices, enabling scan-to-cloud features, such as OneDrive, using secure connection methods.
- SMTP relay with modern authentication for devices that can’t directly support OAuth 2.0.
- Toshiba can advise on upgrading older devices to models that fully support modern authentication.
- Test before March 2026 – Run scans or automated emails to confirm functionality.
Why this change matters
While some adjustments are required, Microsoft’s update is a positive step for businesses. It protects against evolving cyber threats and creates a secure foundation for cloud-connected services.
By acting early, your Toshiba devices will continue to operate smoothly, ensuring your email workflows and document processes remain secure and compliant.
The bottom line
The retirement of SMTP Basic Authentication is part of a global shift towards stronger security. For UK businesses, it’s also a reminder to review legacy systems and prepare for a modern, secure workplace.
By acting early, you’ll protect your data, avoid disruption, and keep your Toshiba devices working exactly as you need them to.
Stay ahead of Microsoft’s changes with Toshiba’s expert support.
How Toshiba can help
Reliable document workflows are crucial for any business. We know that these changes can seem daunting; that’s why Toshiba’s team are on-hand to review your current setup, apply necessary updates and advise on upgrade options.
Whether your business uses cloud, hybrid, or on-premises environments, Toshiba ensures your devices stay connected, secure, and seamless.
Get in touch for support
