Microsoft 365 work and school accounts: Microsoft retired Basic Authentication for IMAP on Microsoft 365 work/school tenants in early 2023. Those accounts now require OAuth, which Pop3Fetch does not currently support for Microsoft. If your address is provided by your employer, school, or organization on a Microsoft 365 tenant (often visible as a tenant suffix in your sign-in URL), this guide won't work — please contact us at
info@pop3fetch.com if Microsoft 365 OAuth support would unblock you.
Microsoft accepts both outlook.office365.com and the older imap-mail.outlook.com for personal accounts; either works. outlook.office365.com is the current canonical hostname and is what Microsoft's own docs recommend.
Step 1 — Enable two-step verification
Microsoft only offers app passwords on accounts with two-step verification enabled. If you already have it on, skip to Step 2.
- Sign in at account.microsoft.com
- Open Security → Advanced security options
- Find Two-step verification and turn it on
- Microsoft will guide you through setting up an authenticator app or phone number
Step 2 — Generate an app password
- Still on account.microsoft.com → Security → Advanced security options
- Scroll to the App passwords section
- Click Create a new app password
- Microsoft will display a 16-character password. Copy it now — Microsoft won't show it again.
What the password looks like: 16 lowercase letters, no spaces, no labeling. Paste it into Pop3Fetch exactly as displayed.
Step 3 — Add Outlook to Pop3Fetch
- Sign in to app.pop3fetch.com
- Click Add an account
- Fill in:
- IMAP host:
outlook.office365.com
- IMAP port:
993
- Username: your full email address (e.g.
yourname@outlook.com)
- Password: paste the app password from Step 2
- Click Save
Pop3Fetch verifies the connection and starts importing on the next sync cycle — within 5 minutes on Basic, 1 minute on Pro.
Common issues
"Authentication failed"
Three likely causes:
- You used your regular Microsoft account password instead of the app password. Re-do Step 2.
- Your account is a Microsoft 365 work/school account, not a personal Outlook.com / Hotmail / Live account. Those use OAuth and aren't supported by this flow — see the orange notice at the top of this page.
- IMAP is disabled in your Outlook.com mailbox settings. Open outlook.live.com → Settings → Mail → Sync email, and confirm IMAP is enabled.
"App passwords" option isn't showing
Microsoft hides this until two-step verification is fully enabled. Complete Step 1 and reload the page.
I have a custom domain via Outlook.com Premium
Outlook.com Premium with a custom domain uses the same outlook.office365.com server and the same app-password procedure. Use your full custom-domain address as the username.
Hotmail, Live, MSN, Passport addresses
All of these are personal Microsoft accounts and route through the same IMAP server. Use the full email address as the username.
I lost the app password
Microsoft only displays each app password once. If you lost it, generate a new one — you can have multiple. Revoke the old one from the same App passwords page if it's not in use anywhere else.
Notes
- App passwords don't expire on their own. They stay valid until you revoke them or change your Microsoft account password.
- Each app password should be used by exactly one service.
- If Microsoft eventually removes app-password support from personal accounts (as they did for work/school accounts in 2023), we'll need to ship OAuth support before that change takes effect. We monitor Microsoft's identity roadmap.
- Revoking the Pop3Fetch app password at Microsoft will immediately stop Pop3Fetch from importing — useful as a fast "off switch" if you ever need one.