Hello.
We are

  • Expert

The New Microsoft Outlook – Slick Look, Sticky Strings?

Microsoft has begun rolling out its shiny new version of Outlook—nicknamed “One Outlook” or Project Monarch. It promises a modern, streamlined interface that works the same across Windows, macOS, and web browsers. Sounds tidy, right? But dig a little deeper, and there are a few eyebrow-raising changes—especially when it comes to where your emails live, how credentials are stored, and what this all means for security.

Out with the Old (and Local), In with the Cloud

The new Outlook is built like a Progressive Web App—basically, it’s the web version of Outlook in a desktop wrapper. So, unlike the trusty old versions that stored emails on your computer (PST/OST files), this new one fetches your messages directly from Microsoft’s servers in real time. Minimal caching, maximum dependence on the internet.

Key changes:

  • No local email storage
  • Same look across all platforms
  • Cross-platform add-ins now work everywhere

Credential Quirks: Who Has Your Password?

Outlook now uses OAuth 2.0 for most Microsoft accounts—which is great. But if you're connecting to something like Gmail or a private mail server that doesn’t support OAuth, Microsoft may store your actual email password in the cloud. Yep, in their cloud. For convenience, of course.

Why it matters:

  • Credentials for third-party accounts may be stored by Microsoft
  • Removing the account in Outlook doesn’t always remove it from Microsoft’s systems
  • A breach of your Microsoft account could expose everything it’s connected to

From Lockdown to Wide Open

If you’re using Expert’s hosted email, we normally lock your account to New Zealand (or wherever you're based) for extra security. Travelling? Let us know, and we’ll unlock access temporarily.

But… the new Outlook wants unrestricted global access so it can sync all the time. Which means we have to remove those location locks—and that means a less secure setup overall.

Better option? Use another email client (like Thunderbird) that doesn’t rely on Microsoft’s always-on cloud syncing. It’s free, powerful, and keeps your credentials where they belong—with you.

Final Thoughts

The new Outlook is sleek and consistent—but that convenience comes with trade-offs:

  • Less control over your data
  • Passwords potentially stored offsite
  • Compliance questions for regulated industries
  • Unexpected behaviour with links, tracking, and offline access

If you're considering switching (or already have), give us a shout. We’re happy to talk through options that balance functionality, flexibility, and security.

In summary:

“The new Outlook is like asking a friend or neighbour to clear your letterbox when you go on holiday and finding that they’ve opened it all and replied to the senders when you return home.”

If this blog has you a bit worried and you’d like a more in-depth look into how these changes work and how they might affect you, we have a more techie/detailed version available which can be found here.