Apr 112011
 

Well, it’s been ten months since my last post on this topic.  I believe if my site was The Consumerist, their response would fall into the ‘Taking it Seriously’ category.  For those of you interested in this topic, the  transcripts are below. (edited for the removal of sensitive or redundant information. Emphasis (bold) is mine.) If you’re not interested in the topic, skip this post if you know what’s good for you because I’m posting customer service correspondence. There will be a captioned cat at the bottom, so this post has THAT going for it.

Short version: If you’re logged into more than one computer with their Single Sign On (SSO) tool and you change your password at one of those computers the other SSO tool stays signed in, stops working, and offers no notification that this has happened. Outlook just shows you this lovely popup that explains everything very eloquently.

Me:
As I have been with this service for a while, we’ve had a chance to experience the password change cycle, and would like to ask for a change in function for the process.

I allowed my password to expire to experience how often the user would be notified, and how they would be notified. I tested on XP and Win7 desktops, which performed pretty much the same in this task. I received a systray notification about once per day telling me my password was expiring.

When my password expired, I did NOT get a ‘Hey, you’re expired now’ popup. Email just stops working when it expires. Outlook displays ‘Need Password’ in the bottom right, and you will get the credential popup from Outlook. The former is easy to miss, and the latter is VERY confusing in appearance to a user since the server name is nearly unidentifiable to them. Many people think they are now supposed to log into that popup box in Outlook, and never look at the Sign-In tool again!

Worst of all, the Sign In tool box still shows you as being signed in (solid blue, no red x)! We have trained our users that a solid blue Sign in tool means they are properly signed in. This behavior also occurs if a user changes their password at home, then arrives to work and wonders why their email isn’t working despite the sign-in tool saying they are signed in.

I would like to request that the sign in tool does a better job of checking its current credentials, and that its icon change in a way that notifies the user that they are no longer properly signed in. Also, either a systray popup notifying them that their password has expired/changed, OR disabling the Sign-In tool’s Auto-minimize feature when the password is expired (since many users seem to just click systray balloons away)
Thank you for your consideration.

MSOL:
We take the issue very seriously and understand the inconvenience. However, at this time the design of the system is to warn users only when their password is about to expire. Single Sign On will stay signed in even after the password expires, until the user signs off. Once the user signs off, it will prompt them to change their password. I do understand the inconvenience with programs like Outlook that constantly check for credentials every time it query’s the server.

I see that this issue has been submitted to the Development Team and is being considered for a future release of the BPOS Service. It may have an improvement when Office 365 is released later this year.

Me:
I recognize what you said in your previous communication: “However, at this time the design of the system is to warn users only when their password is about to expire.” I hope it IS being strongly considered for a change in behavior. A SSO tool that doesn’t track the user’s current authentication status across multiple machines is lacking in my opinion. Part of the utility in your service is the ease with which we can set users up with their work email at a desktop at work, a laptop, and their home computer. This advantage becomes a headache as soon as a user changes their password at one of these locations, and the other locations fail to automatically notice they are no longer authenticated.

Take the Google Talk application as an example. I have it installed on three machines. If I change my password for Gmail at any location, when I log into another location I’m nearly immediately shown a prompt to enter my current password. This is the kind of behavior I’d expect from a SSO tool.

MSOL:
Thank you for your response. We greatly appreciate feedback with issues like this from our customers, as it helps us tailor the product into a more user friendly, streamlined product. I apologize that we do not have an immediate fix for you, but it is being strongly considered for future updates and versions, including Office 365.

Well, if you made it this far, you’re either very interested or you fell asleep and your nose is on the Down arrow key. I promised a captioned cat picture, and I’m following through dammit!

This information about the Sign in tool is true as of v 1.0.1427.040.

Reddit<-- Share/Bookmark

  2 Responses to “Microsoft Online’s Password Change Policy pt. 2”

  1. I know this is now a year old, but Google brought me here. At least you got a popup from Outlook. Using Office 365 (replacement for BPOS? or something like that?) my email just stopped working. Period. Across all devices. It wasn’t until I signed into web mail that I was notified that my password HAD EXPIRED.

    Gets better. There’s a powershell cmdlet to disable password expiration. Fine for me. I ran it. No way to test if it’s working. The cmdlet in the powershell help files is not recognized as a valid cmdlet (yes, I checked the spelling).

    Microsoft has abysmal support going on here. The sad thing is, I’ve tried about 6 hosted exchange providers (more than 10 if you count the ones that were so bad I left within 2 days), and so far they’ve been the most reliable. That’s not saying a lot, but what a joke this is. Enjoyed the lolcat, BTW.

  2. Wow, that’s terrible. We’re hoping that upgrading to 365 will SOLVE our various login related woes. I hope your experience is isolated. :(

Sorry, the comment form is closed at this time.