Many times, organization users remain signed in and leave their workspace open and which can be dangerous sometimes, as most of your valuable information resides in your Office 365 account (i.e. emails, files, events, videos, chat history and a lot more).
At ShortPoint, we put primary value on security. These practices are used by our support agents and developers when we work on our test environments, as well as on customer environments.
You can control this as an IT administrator and employ the same practices at your organization too. Office 365 has introduced a wonderful feature called Ideal session sign-out.
TABLE OF CONTENTS
Step 1: Navigate to your SharePoint Online Admin center
Go to Office 365 Admin Portal and open the SharePoint from the Admin centers (you might need to expand its options):
Note: If you have the classic SharePoint Admin Center, click Try it now for switching into new Admin Center:
Step 2: Configure idle session sign-outs
From the SharePoint Admin center, click Access Control from the left side menu under the Policies section:
Select Idle session sign-out option from the options:
Enable sign out inactive users automatically:
As soon as you enable the option, you will see two more settings to configure the time period of inactivity for:
Sign out users after
This means, if the user is inactive after the configured value here, he / she will be signed out automatically:
Give users this much notice before signing them out
That means before the given time of sign out, user will start seeing below popup, and they still have option to remain signed in:
Save your settings after you are done:
FAQ:
Q: What are the default sign-out values for Office 365
A: Here is a table showing the default timeouts:
Service | Timeout after |
---|---|
Office 365 Admin center | 8 hours. |
SharePoint Online | 5 days of inactivity as long as the users chooses Keep me signed in. If the user accesses SharePoint Online again after 24 or more hours have passed from the previous sign-in, the timeout value is reset to 5 days. |
Outlook Web App | 6 hours. |
Q: How long we have to wait for the above settings to get effected?
A: Microsoft says it takes around 15 minutes, but we had to wait a big longer, so please give it a longer time (i.e. nearly 8-10 hours). You can however try after 15 minutes, and please be aware that it will only work for new sign-ins and not already signed-in sessions.
Q: Does the policy effect existing signed-in sessions?
A: No, only new sign-ins.
Q: Is it possible to hide keep me signed in option while logging in?
A: Yes, admins can hide this option from admin center.
Note: This setting will only work when user doesn't select to stay signed in.
Related articles: