When using Multi-factor authentication in Office 365 something that is good to understand is how often you can expect to be prompted to enter the second factor.
Microsoft Office 365 session timeouts article below explains how this works in the Azure Active Directory with modern authentication section:
When you successfully authenticate you will receive a access token and a refresh token to be able access Office 365 services . The access token is only valid for an hour and then the refresh token is used to obtain a new access token if the initial authentication is still valid.
The Refresh token is valid for 14 days but if you are continuously using your mailbox during this period it can last up to 90 days.
So it could be you are not asked for Multi-factor authentication again for up to 90 days in Outlook.
Things that could force you to re-authenticate:
- If you sign in and out again in Office clients
- Don't login for 14 days on that device
- Change your password
- Administrators can apply conditional policies to restrict the resource the user is trying to access
- Swap between Office 365 accounts
More information on how to enabled modern authentication in Office 365 can be found below:
Discover the latest Microsoft Teams meeting, calling and chat features that are coming this Autumn.Read More
We're shortlisted for CRN Cloud Services Provider of the Year, which we were delighted to receive in 2019, and SMB Reseller of the Y...Read More
"The leaders behind tomorrow’s mid-sized firms, growing innovative and resilient businesses, and making a big impact on their custom...Read More
Andrew, a Cloud Solution Architect, looks at what Azure is, why businesses should use it, and some Azure misconceptions he has heard...Read More