2 Min

How to Fix the Error

Option 1: Switch to Modern Authentication (OAuth 2.0)

You need to update your email client or application to use OAuth 2.0 instead of Basic Authentication. Here’s how:

  1. Use an email client that supports OAuth 2.0: Most modern email clients (like Outlook, Thunderbird, Gmail app, etc.) already support OAuth 2.0. When adding your email account to these clients, they will prompt you to sign in using Microsoft’s secure login page.

  2. For custom apps or scripts: If you’re using a custom app or script (e.g., Python’s smtplib, PHP mailer, etc.), you need to configure it to use OAuth 2.0 for SMTP instead of Basic Authentication. This usually requires obtaining an OAuth access token from Microsoft’s identity platform (Azure AD or Microsoft Identity Platform).

    • Register your app with the Microsoft Identity Platform.
    • Obtain an OAuth 2.0 token using the OAuth client credentials flow or another appropriate flow.
    • Use the OAuth token for sending authenticated SMTP messages.

Option 2: Use a Different Email Client or Service

If your current email client doesn’t support OAuth 2.0, you can switch to one that does, such as:

  • Outlook desktop client (latest version)
  • Outlook for iOS/Android
  • Thunderbird (with OAuth support)
  • Gmail App (supports adding Outlook accounts with OAuth)

Option 3: Use App Password (if available)

In some cases, Microsoft allows users to create App Passwords as a fallback for older applications that don’t support Modern Authentication. This is a randomly generated password you can use in place of your normal password.

Here’s how to create an app password (if available for your account):

  1. Go to Microsoft Account Security Settings.
  2. Enable Two-Step Verification (if not already enabled).
  3. Once enabled, you should see an option to create an App Password.
  4. Use this App Password in your email client for SMTP authentication.

Note: Microsoft is phasing out App Passwords, and it may not be available for all accounts.

Option 4: Enable Two-Step Verification (if not already)

Ensure that Two-Step Verification (2FA) is enabled on your Microsoft account. This is often a prerequisite for using App Passwords and increases the security of your account overall.

Example for OAuth 2.0 in Python (using smtplib)

If you’re using Python, you would need to replace your basic username/password setup with OAuth 2.0 authentication. Here’s a simplified example:

  1. Obtain the OAuth 2.0 token using Microsoft Identity Platform.
  2. Use the smtplib library with the token:
import smtplib
import base64

smtp_server = "smtp.office365.com"
smtp_port = 587

email = "your-email@outlook.com"
oauth_token = "your-oauth2-token"

auth_string = f"user={email}\1auth=Bearer {oauth_token}\1\1"
auth_string = base64.b64encode(auth_string.encode()).decode()

server = smtplib.SMTP(smtp_server, smtp_port)
server.starttls()
server.docmd('AUTH', 'XOAUTH2 ' + auth_string)
server.sendmail(email, "recipient@example.com", "Hello from OAuth")
server.quit()

Summary

The SMTPAuthenticationError you’re encountering is due to the disabling of Basic Authentication for your Hotmail or Outlook.com account. To resolve this, you can:

  • Use a modern email client that supports OAuth 2.0.
  • Update your app or script to use OAuth 2.0 instead of basic username/password.
  • If supported, generate and use an App Password for older clients.

These steps will help you align with Microsoft’s new security policies and continue using your email without disruptions.

Updated: