AAD joined Win10 device - cached credentials expiry

Brass Contributor

Trying to find a concrete answer on this, have searched Microsoft's documentation but couldn't find anything exact.


How long are the Windows logon credentials cached locally  on a Windows 10 device which is AAD joined?


Scenario - device is powered down and not logged onto for a couple of months, user powers on device and is able to log in and access device providing it is not connected to a corporate network or the internet. Regardless of whether that users account, AAD device or Intune device has been disabled or removed.


I think i read that the locally cached credentials never expire, but hoping for additional confirmation?

If it is indefinite by default, is there a CSP that can be configured much like the group policy which was available historically?


Chris Jacob

  • p
0 Replies