Forum Discussion
Office 365 Mobile device sync question
Thanks Joel for the information and article which is useful.
On our Domain, we have mass changed user passwords at next logon which went OK.
Despite this, some users have not yet received a prompt to re-authenticate on their handsets with their new password, even after a week. For others, they had to do this straightaway.
This is normal, expected behavior. There are numerous levels of caching happening on the back- and middle-tier, which make life easier for the end user. Otherwise, you would be forced to enter credentials every time you send a mail or check for new ones.
With the switch to modern authentication and increased token lifetime, you can stay logged in for days, even months at a time, without seeing a password prompt. This is the reason why changing a password is never enough if your goal is to prevent someone from accessing the service, you need to take additional actions.
In any case, after the cache/token lifetime expires, the users will be prompted for credentials and have to enter the new password.