2 min read

Microsoft delays Exchange Online credential cutoff

Microsoft has pushed back removal of Exchange Online PowerShell’s -Credential parameter to December 2026 after customer feedback.

Image: The Register

Microsoft has delayed the removal of the -Credential parameter from Exchange Online PowerShell until December 2026, giving administrators more time to find and fix scripts that still depend on it.

The parameter is used when connecting to Exchange Online PowerShell, letting admins pass stored username and password credentials. Microsoft has long discouraged that approach as it moves away from password-based authentication in favor of more secure methods.

The company had previously scheduled the parameter’s removal for July 2026. For many IT teams, the hard part is not understanding the policy shift but locating every automation script that uses -Credential, updating those workflows, and testing that the replacements actually work.

Recommended reading

WordPress AI sparked a consent fight hosts can’t ignore

Once Microsoft removes the parameter from the Connect-ExchangeOnline and Connect-IppsSession cmdlets in the Exchange Online PowerShell module, any remaining scripts that rely on it will break.

Microsoft said the cutoff will now apply to module versions released beginning December 2026.

“If your organization uses the -Credential parameter in PowerShell scripts or automation workflows connecting to Exchange Online or Security & Compliance PowerShell, those scripts will break when you update to an Exchange Online PowerShell module version released beginning December 2026.”

Microsoft

That means the retirement does not take effect until customers install an affected update. Microsoft also said the server-side retirement of the underlying authentication flow is planned “for a later date.”

“When that occurs, the -Credential parameter will stop functioning even on older module versions.”

Microsoft

According to Microsoft, the delay came after customer feedback. Even with the extension, the company is still urging customers not to wait.

“While our published timeline extends to the start of December 2026, we strongly recommend that all customers transition away from the -Credential parameter as soon as possible and not wait until the deadline.”

Microsoft
Marcus Vance

Enterprise Editor

Marcus follows the money. He covers enterprise software, cloud architecture, and the tectonic shifts in Big Tech strategy. He translates dense earnings calls and complex M&A activity into actionable insights about where the industry is actually heading. If a tech giant makes a silent pivot, Marcus is usually the first to notice.

via The Register

// Keep reading