Occasionally my company having issues with Office 365 prompt for a password.
Let's start to describe the example:
John Doe is working from home and has a VPN connection established, he didn't use it too often because doesn't require to. To help John Doe and keeps him secure we have the policy to change the password every 45 days on his laptop (when connected to VPN Azure is synching the password using Single Sign On to Office 365 etc). John Doe needs to log in every 45 days to change his password but he sometimes forgets it to change the password in VPN (to synch the data with office 365 and the rest of the accounts) he only changing it on his company laptop (per GPO assign to his local machine). In effect, the passwords change is not synching with the office365 accounts, so after a week or two if he needs to log in to VPN his password doesn't match (he doesn't remember the old one because he has a problem with memory :)). This is not the only issue that we have on John Doe Laptop, it seems after a week the Office 365 apps are working on old password, which should be blocked because he didn't change the master password by connecting his laptop thru the VPN (the reason for this is he didn't reboot his laptop too often and sometimes leaving on sleep)
My question is, is there a way to block or check without a VPN connection daily or hourly if the user didn't surpass the password change and if he did then to let him know by asking again for credentials? In the task scheduler, there are few very similar tasks, but no one is checking if the user has good credentials used.