Massive Microsoft account security change almost snuck out without enough warning

The Microsoft logo on a smartphone and laptop arranged in Crockett, California, US, on Friday, Dec. 29, 2023.
Outlook on the web and other Microsoft websites will now leave your account signed in automatically. (Image credit: Getty Images | Bloomberg)

Microsoft is about to make a major change to how sign-ins work within web browsers. Starting February 2025, you will automatically stay signed in to your Microsoft account. This is a significant change from the current behavior, which would sign out automatically after 24 hours.

The change aligns Microsoft more with Google, which already leaves accounts logged in. But that alignment is not necessarily a good thing. Google has been criticized for this behavior, and Microsoft will likely see some pushback.

The change will save some time for those who use Microsoft accounts on personal computers or within any secure environment. However, unless someone knows about the change, the new behavior could also increase security risks surrounding a Microsoft account.

It's good practice to explicitly sign out of your Microsoft account and other accounts after you've finished using a public or shared PC, but there was a built-in failsafe for those who did not sign out. Signing in an account by accident still leaves your details vulnerable for 24 hours, but after that, your account will be signed out automatically.

Alternatively, you can use private browsing. Microsoft recommends that route as a more secure way to use a public or shared PC.

Outlook showing notification about accounts remaining signed in automatically.

Outlook now warns users about the upcoming change that will leave accounts signed in automatically. (Image credit: Future)

Microsoft almost rolled out the change without a clear and obvious notification to users. A short note on a Microsoft support document highlights the change, but that page is unlikely to be seen by many. But Microsoft has added a notification within Outlook on the web.

Outlook now shows a warning that states, "Your sign-in experience is changing. You'll stay signed in unless you use private browsing or explicitly sign out."

If you leave a browser signed in to your account on a PC or anywhere else, you can sign out of your Microsoft account remotely. This can be done through advanced security options within the Microsoft account security dashboard. Microsoft also has a guide on how to manage devices that use your Microsoft account.

TOPICS
CATEGORIES
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_. 

Read more
Outlook Client Hero
Did Microsoft just try to gaslight us? The tech giant has seemingly backtracked on changes to the account sign-in experience.
Downloading Google Chrome in Microsoft Edge
Would you trust AI to change your browser passwords automatically? Google thinks you will.
ASUS ExpertBook CX54 Chromebook
Months before millions of PCs will get stuck on Windows 10, Google makes its case for running ChromeOS to use Microsoft 365
Microsoft Defender VPN
Microsoft is killing its “free” VPN with Microsoft 365 subscriptions, just days after increasing prices
Notepad on Windows 11
Microsoft just put this controversial Notepad feature behind a paywall
Microsoft 365 app on Windows 11 with shortcuts to create documents in Word, PowerPoint, Excel, and other Microsoft 365 applictions.
This Microsoft 365 feature will nudge users to save files to OneDrive
Latest in Microsoft
Cloud servers
Microsoft has killed "several" data center projects in the U.S. and Europe, according to reports — Microsoft responds (Updated)
Steve Ballmer and Bill Gates, former CEOs of Microsoft.
Bill Gates says Satya Nadella almost missed the cut for CEO of Microsoft — Even with Steve Ballmer's support
HP Reverb G2 VR headset
Was Windows Mixed Reality as bad as I remember? I look back at the failed VR platform that was ahead of its time.
Microsoft Majorana 1 chip designed for quantum computing
Microsoft dismisses quantum computing skepticism: "There is a century-old scientific process established by the American Physical Society for resolving disputes"
The Microsoft logo on a smartphone and laptop arranged in Crockett, California, US, on Friday, Dec. 29, 2023.
"Would you say there is a reasonable balance between what you contribute to Microsoft and what you get in return?" Two-thirds of Microsoft employees say YES — as AI engineers get preferential compensation packages.
Like a Dragon Pirate Yakuza in Hawaii screenshot
Microsoft blocks (some) Windows 11 pirates while Lenovo steals the show at Mobile World Congress
Latest in News
Call of Duty: Black Ops 6 Zombies mode screenshots for Shattered Veil map.
The next Call of Duty Zombies map, "Shattered Veil", is dropping earlier than expected
Helldivers 2
The new Helldivers 2 Illuminate Major Order is so important that we got a new stratagem for it
Hogwarts Legacy troll hero image
Hogwarts Legacy DLC reportedly canceled by WB Games
Tom Clancy's Rainbow Six Siege
Rumored Ubisoft and Tencent agreement comes to fruition with 25% stake and new division for the Assassin's Creed developer
In-game screenshot of the player consuming an enemy in Shadow Labyrinth
This isn't your grandpa's Pac-Man — Bandai Namco's iconic character gets a gritty new action game this Summer
Key art for Dragon Quest 1 and 2 HD-2D remake
Every PC and Xbox game shown off during Nintendo Direct March 2025