Teams - can automatic sign-in be disabled

Question

We have several meeting room computers and shared laptops which have a single shared user account (and they are not domain joined). Is it possible to prevent Teams from signing in automatically? From testing, it appears that once the user clicks OK to the default options the first time they sign in, it will then cache the details and even if they sign out, it will remember the password as soon as an attempt to sign back in with that email address is attempted - which is obviously not suitable for a shared computer account.

Thanks

Answer 1

I posted the original question - never did find a solution, and we have moved away from having any shared accounts (this was one of the reasons). As stated by the most recent commenter, the suggestion by JimmyYang is wrong - even if a user signs out, it doesn't forget the cached credentials and they can sign in again without being asked for the password.

MFA is also of limited use, as if shared devices are in an office location it may well be the case that the office is on a whitelist so that MFA isn't applied there.

Answer 2

This is incorrect. The user is NOT prompted to re-enter credentials after signing out. Must be cached somewhere, but how to disable? Clearly a security concern.

Answer 3

Hi,

I had the same Problem. Just add this Registry key:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin

DWORD: BlockAADWorkplaceJoin
and assign value 1

Answer 4

I made this batch script which solved the problem for us:

taskkill /IM "Teams.exe" /F
taskkill /IM "Microsoft.AAD.BrokerPlugin.exe" /F
del C:\Users\%username%\AppData\Roaming\Microsoft\Teams\desktop-config.json /q
rd C:\Users\%username%\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy /s /q

Answer 5

I just came across this advice. Worth trying.

https://www.kapilarya.com/disable-microsoft-teams-auto-sign-in-to-domain-joined-account