Microsoft Requires Account Sign-In Starting February

Microsoft is implementing a big update to its account authentication mechanism beginning in February 2025. Microsoft will make some changes to the way you sign in to your Microsoft account next month. The new mechanism keeps users signed in across sessions unless they expressly sign out. This is starting in February, you will be automatically signed in to your Microsoft account unless you sign out or utilize private browsing. It’s a development that people should be aware of, particularly if they’re using public computers.

To better understand the change, look at how Microsoft currently handles sign-ins. When you sign in to a Microsoft account through a web browser, a “stay signed in” prompt appears after you provide your username, password, and optional two-factor authentication verification.

Right now, when you sign in to a Microsoft account, you’ll be asked if you want to stay signed in, so you don’t have to sign in again the next time. Microsoft’s change to automatically keep you signed in means you’ll have to use a private browsing window on public PCs or remember to sign out once your session ends, otherwise the account will remain signed on.

If you frequently use public computers with your Outlook or Microsoft account, it’s time to start getting used to logging out or using a private browsing session (which you should do anyway). If you forget to sign out of your Microsoft account in February, you can always force it to be signed out across all browsers, applications, and devices other than Xbox consoles.

Microsoft’s most recent modification to its account sign-in process comes months after the company expanded passkey support to all of its customer accounts. You can generate passkeys for your Microsoft account by clicking this link, and you can use your face, fingerprint, PIN, or security key to sign in with a passkey. Check out our assessment of the top authenticator apps for Android and iOS.

When you decline, you remain signed in for the session only. When you accept it, you remain signed in even between sessions. Beginning early February, this prompt will be discontinued.

Here are the details:

The move, though a new global, is one that signs you out option and this affects all Microsoft services, including Outlook, OneDrive, Microsoft 365, and other applications that need login.

Security Implications

While the change may appear trivial at first appearance, it could have major implications for shared or public computer systems.

The next user may access the Microsoft account and connected services if you do not explicitly sign out.

One workaround is to use a browser’s private browsing mode on shared or public computers. Sign-ins and other activities are only stored during the browsing session. Once you close the browser, all data, including Microsoft account information, is lost.

Microsoft customers who neglect to sign out of systems that others have access to may initiate a global sign out. This global sign out option is one which forces a sign out on all systems where the user has ever signed into at any time.

Here are steps on how this works.

• Visit this Microsoft help website.

• Choose the “sign in” button on the page. A new page appears, prompting you to sign in if you haven’t previously.

• Scroll down the additional security options page until you reach the sign out everywhere section.

• Activate the sign out everywhere link.

• To confirm the prompt, select “sign out”.

Microsoft clears everyone that this could take up to 24 hours. In other words, there is a 24-hour window during which others can still access Microsoft account-related services on different machines.

The change mostly affects Microsoft customers who login in to their accounts from public or shared devices. Others may also be affected, albeit to a lesser degree.