I find it ridiculous that MS has provided group policy to disable network and cert based creds, but NOT generic ones. It seems to be well documented on the internet that these "generic credentials" where O365 stores them, are the number one way 0365 accounts get compromised, and yet MS doesn't see the need to be able to disable the caching of the credentials for the corporate world. Do what you want with the home , but at least give admins the ability to secure their environment. I know there are scripts out there to keep clearing them from the vault, but to me that is an unacceptable answer. MS needs to provide a real administrative solution to the issue in the form of a GPO that allows the disablement of generic credentials for the corporate world.
With my rant over, if anyone has figured out a way to disable the caching of generic credentials, especially O365 credentials, I'd appreciate knowing how you did it.

