none
On a Mac, O365 session does not kill itself when the safari browser is closed RRS feed

  • Question

  • Hi, 

    We have setup MFA for access to O365. Mac users are faced with the fact, that when the Safari browser closes, the actual session is still active. This results in the fact that users are signed-in seamless without being not for an MFA. A quick search results in the following answer: 

    You are probably closing the last Safari browser window but not quitting the browser. Closing the last window will exit most applications on Windows, but not on OS X. You need to explicitly quit though the menus, +q, right clicking on the icon in the dock, etc. (Session cookies are deleted when the browser is quit.)

    Is this to behaviour to be expected and the way of working on a Mac, or can I adjust some other settings which result in authentication when a browser is closed?

    Wednesday, October 4, 2017 9:20 AM

All replies

  • If it were me, I would focus on the session timeouts for Office 365 rather than the local session cookies on the Mac browser. 

    Session lifetimes are an important part of authentication for Office 365 and are an important component in balancing security and the number of times users are prompted for their credentials.

    Session lifetimes vary depending upon the Office 365 service per the following:

    https://support.office.com/en-us/article/Session-timeouts-for-Office-365-37a5c116-5b07-4f70-8333-5b86fd2c3c40

    Thanks and hopefully this helps. Have a great day.

    Brian


    Brian Cheatham Principal Systems Architect Patriot Consulting Technology Group

    Wednesday, October 4, 2017 1:21 PM