Forum Discussion
Solved
A cache password on a mobile device is still accessing Office 365 Emails
Hi I have been asked to advise a client who is convinced that although a former user's password has been reset; they appear to be both accessing, and forwarding their emails via their own mobile...
There are two types of token issued when user authenticates to O365 (via Modern auth that is): an access token, the one actually granting the access, and a refresh token, used to "renew" access. The cmdlet and the admin UI button revokes the refresh token, so that no new access tokens can be renewed unless the user logs back in. Any valid access token remain active though, and their lifetime is 1 hour, so that's the worst case scenario.
More info for example here: https://support.office.com/en-us/article/Session-timeouts-for-Office-365-37a5c116-5b07-4f70-8333-5b86fd2c3c40?ui=en-US&rs=en-US&ad=US
I think you could also login to the account and go to Options / General / Mobile Devices and remove all devices from the account? Then someone would need to be able to login to add a device back.
@geoffrey
I have forwarded your reply to my client and we'll check when I get in tomorrow morning.
I have forwarded your reply to my client and we'll check when I get in tomorrow morning.