Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Fewer login prompts: The new “Keep me signed in” experience for Azure AD is in preview

Community Manager

A common request we get from our customers is to reduce the number of times users are prompted to sign into Azure AD. One way to reduce the frequency of prompts is to check the “Keep me signed in” checkbox on the sign-in flow, but our telemetry shows that usage of that checkbox is very low. But we know from talking to customers, that cutting down on the number of sign-in prompts is REALLY important. Nobody wants to have to sign-in to an app multiple times!

 

So today I’m happy to share that we’re improving how “Keep me signed in” option is shown to users. We’re also adding intelligence to ensure users are prompted to remain signed in only when it’s safe to do so.

 

Old-KMSI-1024x524.jpg

 

Read about it in the Enterprise Mobility & Security blog.

30 Replies

I am on W10 and do not get the KMSI prompt in the new sign in experience. Consequently, every time I have to Pick an account, after which it signs in with SSO. I tried to remove all internet explorer cache but I cannot get O365 to give me a KMSI prompt. What to do? I read somewhere something about a Windows Credential Manager, but I do not know what to do in there. Please help as this is annoying and costing extra seconds on each browser session.

What kind of SSO do you have set up? Eg. Seamless SSO, Windows Integrated Auth etc.

If a user has made the selection to not stay logged in... but now wants to take advantage of it, do they just need to clear their browser cache/cookies or ? to get the KMSI prompt again?

Yes. If you delete the Microsoft login related cookies the prompt appears again.

> but our telemetry shows that usage of that checkbox is very low.

 

And it occurred to NOBODY that maybe, just maybe, the usability or visibility of that option might be where the problem lies?

 

You REALLY think it's because people DON'T want to avoid chronic sign-ins?

 

I despair at the current state of start-of-the-art user interface principles.

The keep me signed in button has disappeared from my login and now have to log in multable times of day

Once I've answered no I don't want fewer login prompts how do I get it to ask me again so I can change my answer. :)

I cleared all my browsers history including cookies the prompt did not pop up.

Clearing cookies should reset the state and show you the prompt again on that browser. Did you ever see the prompt on that specific browser before?

Is there a possibility to switch off the "stay signed in" question? As developer I often switch the environment and I never want to stay signed in for days. When I accidentially check the stay signed in checkbox and open another Dynamics 365 Environment by link I get the message that I am no member of the organization.

  1. Sign in to the Azure portal using a Global administrator account for the directory.

  2. Select Azure Active Directory, and then select Company branding, and then select Configure

  3. At the bottom there is an alternative for turning this off

Adam