Security Office 365 Login

%3CLINGO-SUB%20id%3D%22lingo-sub-2653752%22%20slang%3D%22en-US%22%3ESecurity%20Office%20365%20Login%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2653752%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20many%20will%20object%20but%20users%20(including%20IT%20admins)%20will%20work%20in%20ways%20that%20are%20easy%20for%20them%20regardless%20of%20IT%20requests%20or%20security%20concerns.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EQ.%20When%20a%20user%20logins%20to%20office.com%20and%20selects%20%22trust%20this%20computer%2Fremember%20me%22%2C%20they%20can%20then%20log%20in%20to%20office.com%20from%20that%20computer%20without%20any%20request%20for%20credentials.%26nbsp%3B%20If%20also%20makes%202FA%20a%20bit%20useless.%26nbsp%3B%20The%20computer%20could%20be%20a%20friends%2C%20college%20computer%2C%20library%20PC%2C%20etc.%26nbsp%3B%20People%20do%20and%20will%20tick%20that%20setting%20and%20will%20simply%20shut%20down%20the%20browser%20without%20logging%20off.%26nbsp%3B%20Anyone%20else%2C%20then%20goes%20to%20office%20.com%20with%20the%20same%20browser%20and%20they%20have%20full%20access%20to%20a%20user%20account.%26nbsp%3B%20It%20logs%20you%20straight%20in.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHow%20can%20you%20auto%20log%20off%20users%20after%20a%20period%20of%20inactivity%20from%20office.com%20as%20this%20poses%20a%20serious%20security%20risk.%26nbsp%3B%20We%20have%20not%20found%20a%20solution%20yet.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2653752%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdmin%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2654346%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20Office%20365%20Login%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2654346%22%20slang%3D%22en-US%22%3EDon't%20allow%20them%3CBR%20%2F%3E%3CBR%20%2F%3E-%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fconcepts-azure-multi-factor-authentication-prompts-session-lifetime%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fconcepts-azure-multi-factor-authentication-prompts-session-lifetime%3C%2FA%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hi

 

I know many will object but users (including IT admins) will work in ways that are easy for them regardless of IT requests or security concerns. 

 

Q. When a user logins to office.com and selects "trust this computer/remember me", they can then log in to office.com from that computer without any request for credentials.  If also makes 2FA a bit useless.  The computer could be a friends, college computer, library PC, etc.  People do and will tick that setting and will simply shut down the browser without logging off.  Anyone else, then goes to office .com with the same browser and they have full access to a user account.  It logs you straight in.

 

How can you auto log off users after a period of inactivity from office.com as this poses a serious security risk.  We have not found a solution yet.

 

 

2 Replies