Office 2013 updated authentication with Office 365

Very welcome Security update for Office 2013 authentication With Office 365 Services. The Whole noboddy liked to talk about has been closed.

The update will only come to Office 2013, so for those running Office 2010 the enhanced Security will not be available until you Upgrade to Office 2013.

Outlook 2013

Outlook 2013 used basic authentication with Exchange Online even for Federated users. So even though we have an SSL encrypted traffic tunnel we needed to transfer our username and password to Exchange Online.

The enhanced feature with ADAL will make Outlook 2013 able to make the redirect dance we are used to when login into Office 365 with a web browser.

This is the same for all Office Applications accessing an Office 365 Service, aswell as licensing the Office Application with a Office 365 Plan.

Lync 2013

Lync 2013 Client connecting to Lync Online only supported WS-Protocol for Federated users, which some Identity providers doesn’t support and therefore wasn’t available With Lync Online.

Using Active Directory and Active Directory Federation Service supported WS-Protocol togethere With SAML Protocol.

But now ADAL makes the Lync 2013 Client from the Office 365 Pro Plus installation supporting SAML aswell.

This also goes for storing files in SharePoint Online or OneDrive for Business using Word, Excel or PowerPoint 2013.

Multi Factor Authentication

The App-Passcode will not be needed for Office 2013 anymore, as the ADAL authentication will give us the real Method for MFA With Office 365.

The Methods available is answer a phone call, entering a mobile app passcode or using a smartcard.


The enhanced authentication will be available in Private Preview, but it doesn’t work With all features so don’t sign up if you use any of these features:

Information Rights Management
External Sharing in SharePoint Online
Outlook configured With multiple Office 365 tenants when one isn’t ADAL enabled
Authenticated Internet Proxy
ADFS Client Access Policies

And when enabling ADAL the users might need to enter their credentials again.

Private Preview is the same as Alpha Version and Genereal Availability is a Beta Version.

Until it is rolling out to all tenants it isn’t ment to Production environment.

Source: Office Blog.


I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts