Recently, Microsoft has strengthened security by enabling by default Security Defaults, making traditional SMTP connections (Basic Authentication) from accounting software like MISA, sales software, or WordPress websites difficult. You often encounter connection failure or authentication failure errors.

This article will guide you step by step on how to disable Security Defaults, enable SMTP Auth and get App Password (app password) to successfully integrate mail sending 100%.

Why can't you send mail with your regular Outlook password?

Microsoft has now blocked Basic Authentication (login only with User/Pass) for legacy protocols to avoid security risks. To send mail via SMTP, you need to “loosen” some security policies for that sending mail account, while using App Password instead of your daily login password.

3-step process to perform

The standard process consists of 3 steps:

1. Disable Security Defaults in Microsoft Entra ID (Azure AD).
2. Enable Authenticated SMTP for the outgoing email account.
3. Create App Password to paste into MISA/Software configuration.

Step 1: Disable Security Defaults (Required)

This is the most important step. If not disabled, you cannot enable SMTP Auth.

1. Access the admin page Microsoft Entra admin center with a Global Admin account.
2. Look at the search bar at the top, type “Properties”.
3. Select the result Properties located under the section Microsoft Entra ID.
4. Scroll to the bottom of the page, find the blue link line Manage security defaults.
5. Change status to Disabled (Not recommended).
6. Select any reason (e.g.: Application requires legacy authentication) and click Save.

Step 2: Enable Authenticated SMTP for the sending mail account

After turning off the general privacy policy, you need to grant SMTP mail sending permissions to the correct account you want to use (for example: hoadon@congty.com).

1. Access Microsoft 365 admin center.
2. Go to menu Users > Active users.
3. Click on the email account name you want to configure.
4. Select tab Mail.
5. Find the item Email apps, click on Manage email apps.
6. Check the box Authenticated SMTP.
7. Click Save changes.

Step 3: Allow and Create App Password

Instead of using the login password (often accompanied by phone authentication that the software doesn't understand), you will create a dedicated password specifically for MISA.

3.1. Enable App Password feature for the entire company

• Still on the page Active users, click on the button Multi-factor authentication on the toolbar (or search for “Multi-factor authentication” if not visible).
• In the new window, select service settings (service settings).
• Check the box: Allow users to create app passwords to sign in to non-browser apps.
• Click Save.

3.2. Get App Password

• Log in to the link: mysignins.microsoft.com/security-info with the sending email account.
• Click the plus sign (+) Add sign-in method.
• Choose App password.
• Enter a memorable name, e.g., “MISA SMTP”.
• The system will provide you with a random string of characters. Copy this string immediately. This is the password you use to enter into MISA.

Configure in MISA / Software

Now return to the MISA software or Web App, fill in the information as follows:

• Mail server (SMTP Server): smtp.office365.com
• Port: 587
• Security method (Encryption): STARTTLS (or TLS).
• Username: Your full email address.
• Password: Paste the App Password created in Step 3 (Do not use Outlook login password).

Press Check connection and enjoy the “Connection successful” result!

Technical guide article by DPS MEDIA.