Microsoft to block outdated file access methods in Microsoft 365 starting July

Old file access methods in Microsoft 365 are about to stop working. Starting mid-July 2025, Microsoft will begin disabling legacy authentication protocols across its file-based services, including SharePoint, OneDrive, and Office apps.

As first reported by Bleeping Computer, this move targets protocols like Relying Party Suite (RPS) and FrontPage Remote Procedure Call (FPRPC), which are still used in some older tools and services to authenticate and open Office files in a browser. Microsoft says both are too easy to phish or brute-force and no longer meet today’s security standards.

Once the rollout begins in July, apps using RPS or FPRPC won’t be able to access files unless they switch to modern authentication methods. Microsoft expects to finish this transition by August. There’s no licensing change required, but organizations will need to ensure their apps or third-party tools comply.

Following the update, Microsoft 365 will also require admin approval before any third-party app can access files or connected sites. IT Admins can set up these workflows using Microsoft’s published guidance.

This update is part of Microsoft’s broader Secure Future Initiative (SFI), a push to harden security defaults across its products. Moreover, Windows 365 received a similar update earlier this week, with new security defaults rolling out in parallel.