When using Multi-factor authentication in Office 365 something that is good to understand is how often you can expect to be prompted to enter the second factor.
Microsoft Office 365 session timeouts article below explains how this works in the Azure Active Directory with modern authentication section:
Session timeouts for Microsoft Office 365
When you successfully authenticate you will receive a access token and a refresh token to be able access Office 365 services . The access token is only valid for an hour and then the refresh token is used to obtain a new access token if the initial authentication is still valid.
The Refresh token is valid for 14 days but if you are continuously using your mailbox during this period it can last up to 90 days.
So it could be you are not asked for Multi-factor authentication again for up to 90 days in Outlook.
Things that could force you to re-authenticate:
- If you sign in and out again in Office clients
- Don't login for 14 days on that device
- Change your password
- Administrators can apply conditional policies to restrict the resource the user is trying to access
- Swap between Office 365 accounts
More information on how to enabled modern authentication in Office 365 can be found below:
How modern authentication works for Office 2013 and Office 2016 client apps
Related Articles
New in Microsoft Teams | June 2020
With improvements to meetings, call and chat, discover the latest updates to Microsoft Teams here
Read MoreCybersecurity even more essential in the wake of COVID-19
Cybersecurity has always been a business priority; the impact of COVID-19 makes this more important than ever.
Read MoreProtecting your business from cyberattacks post-COVID-19
As businesses begin to return to the office, we explore how you can stay secure in a post-COVID world
Read MorePlay Microsoft Teams bingo 🎉
Have some fun with colleagues during your next Teams meeting with a game of bingo!
Read More