When using Multi-factor authentication in Office 365 something that is good to understand is how often you can expect to be prompted to enter the second factor.
Microsoft Office 365 session timeouts article below explains how this works in the Azure Active Directory with modern authentication section:
Session timeouts for Microsoft Office 365
When you successfully authenticate you will receive a access token and a refresh token to be able access Office 365 services . The access token is only valid for an hour and then the refresh token is used to obtain a new access token if the initial authentication is still valid.
The Refresh token is valid for 14 days but if you are continuously using your mailbox during this period it can last up to 90 days.
So it could be you are not asked for Multi-factor authentication again for up to 90 days in Outlook.
Things that could force you to re-authenticate:
- If you sign in and out again in Office clients
- Don't login for 14 days on that device
- Change your password
- Administrators can apply conditional policies to restrict the resource the user is trying to access
- Swap between Office 365 accounts
More information on how to enabled modern authentication in Office 365 can be found below:
How modern authentication works for Office 2013 and Office 2016 client apps
Related Articles
Breaking down what end of support means for Windows 7 or Office 2010 users
Struggling to know what the next steps are for Windows 7 or Office 2010 upcoming end of support? This infographic will help.
Read MoreMicrosoft 365 | September 2019 updates
Discover the latest update to hit Microsoft 365 this September...
Read MoreMicrosoft 365 | August 2019 updates
Dark mode for Outlook mobile and office.com is finally here! Discover the details plus other updates in this blog.
Read MoreMicrosoft Azure | August 2019 updates
There are a fair number of Azure updates this month, from new Azure Archive Storage capabilities to new High Availability add-on upd...
Read More