Security or Convenience: Microsoft Updates Its Login Policy

In February, Microsoft will introduce a significant change to its login process. Users will remain signed into their accounts even after closing their browsers. This update, announced on Microsoft’s support page, aims to simplify access to services but raises questions about security.

Under the new rules, logging into a Microsoft account via a browser or app on any device, including public computers, will keep the authorization active by default. This means emails in Outlook, files on OneDrive, and even search history could remain accessible to the next person who uses the device.

This shift brings potential security risks, as sensitive data stored in emails or cloud files could be exposed. Microsoft advises users to enable their browser’s private browsing mode to prevent the storage of login credentials and session data.

The new feature mirrors Google’s account system, where users remain logged in until they manually sign out. Microsoft recommends enabling two-factor authentication (2FA) for enhanced security, particularly when using shared or public devices.

For those who work exclusively on personal devices, this update may be a welcome convenience, offering faster access to services. However, for anyone using public or shared computers, it becomes crucial to manually log out after each session to avoid unintended access to their accounts.

Microsoft has yet to comment publicly on the rationale behind this change, but it’s believed the company aims to simplify the user experience for those who frequently rely on browser-based services rather than standalone apps.

The update is set to take effect on February 1, and Microsoft may include additional alerts to inform users about the new authentication rules. Whether this change will strike the right balance between security and convenience remains to be seen. Users are encouraged to take proactive steps to safeguard their accounts, particularly when working on non-personal devices.
