Popup Window: Stay signed in to all your apps

%3CLINGO-SUB%20id%3D%22lingo-sub-2282584%22%20slang%3D%22en-US%22%3EPopup%20Window%3A%20Stay%20signed%20in%20to%20all%20your%20apps%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2282584%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20post%20is%20maybe%20not%20the%20right%20place%20for%20the%20discussion%2C%20but%20feel%20free%20to%20place%20it%20in%20the%20right%20discussion%20board.%20The%20issue%20came%20to%20light%20when%20using%20Teams%20though.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20using%20Microsoft%20applications%20like%20Teams%2C%20after%20you%20login%20with%20your%20credentials%20the%20window%20%22Stay%20signed%20in%20to%20all%20your%20apps%22%20will%20popup.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22stay.png%22%20style%3D%22width%3A%20519px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F274965i15E013D7EC28B558%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22stay.png%22%20alt%3D%22stay.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20found%20this%20is%20a%20security%20risk%20when%20logging%20in%20from%20a%20public%20windows%2010%20system.%20The%20risk%20is%20that%20when%20the%20user%20doesn't%20pay%20attention%20and%20click%20%22Ok%22%20button%2C%20the%20device%20will%20be%20AAD%20joined.%20After%20this%20you%20will%20be%20able%20to%20logon%20Teams%20without%20a%20password.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20want%20to%20disable%20this%20popup%2C%20to%20prevent%20users%20from%20just%20pressing%20the%20ok%20button.%20Is%20this%20possible%3F%20And%20if%20yes%2C%20is%20this%20only%20possible%20for%20the%20Teams%20app%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOnline%20people%20talk%20about%20conditional%20access%2C%20but%20this%20is%20a%20MEM(Intune)%20feature%20and%20not%20everyone%20have%20the%20license%20to%20do%20that.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHere%20is%20an%20article%20that%20explains%20very%20well%20regarding%20the%20%22Stay%20signed%20in%20to%20all%20your%20apps%22%20popup%20in%20Teams%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.kapilarya.com%2Faccidentally-clicked-allow-my-organization-to-manage-my-device-in-microsoft-teams%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fwww.kapilarya.com%2Faccidentally-clicked-allow-my-organization-to-manage-my-device-in-microsoft-teams%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20found%20an%20article%20that%20describes%20a%20way%20to%20prevent%20the%20system%20from%20AAD%20joining%20with%20a%20registry%20setting%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fcloudrun.co.uk%2Foffice365%2Fprevent-use-this-account-everywhere-on-your-device-screen-when-installing-office-365-proplus%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcloudrun.co.uk%2Foffice365%2Fprevent-use-this-account-everywhere-on-your-device-screen-when-installing-office-365-proplus%2F%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHandy%20when%20you%20want%20to%20prevent%20this%20in%20your%20organisation.%20But%20users%20will%20login%20from%20there%20private%20home%20systems%20and%20maybe%20from%20public%20systems.%20What%20then%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20things%20are%20unclear%2C%20please%20let%20me%20know.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2282584%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EHow-to%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2306484%22%20slang%3D%22en-US%22%3ERe%3A%20Popup%20Window%3A%20Stay%20signed%20in%20to%20all%20your%20apps%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2306484%22%20slang%3D%22en-US%22%3ENobody%3F%3C%2FLINGO-BODY%3E
New Contributor

Hi,

 

This post is maybe not the right place for the discussion, but feel free to place it in the right discussion board. The issue came to light when using Teams though.

 

When using Microsoft applications like Teams, after you login with your credentials the window "Stay signed in to all your apps" will popup.

 

stay.png

 

I found this is a security risk when logging in from a public windows 10 system. The risk is that when the user doesn't pay attention and click "Ok" button, the device will be AAD joined. After this you will be able to logon Teams without a password.

 

I want to disable this popup, to prevent users from just pressing the ok button. Is this possible? And if yes, is this only possible for the Teams app?

 

Online people talk about conditional access, but this is a MEM(Intune) feature and not everyone have the license to do that.

 

Here is an article that explains very well regarding the "Stay signed in to all your apps" popup in Teams;

https://www.kapilarya.com/accidentally-clicked-allow-my-organization-to-manage-my-device-in-microsof... 

 

I found an article that describes a way to prevent the system from AAD joining with a registry setting;

https://cloudrun.co.uk/office365/prevent-use-this-account-everywhere-on-your-device-screen-when-inst...

 

Handy when you want to prevent this in your organisation. But users will login from there private home systems and maybe from public systems. What then?

 

If things are unclear, please let me know.

1 Reply