Wt cld be the root cause of this recurring microsftlogin prompt in Outlook 2024 on Windows 11 despite successful domain authentication&valid Exchange connectivity?How can this issue be permanently resolved without requiring users use browsers

Question

Wt cld be the root cause of this recurring microsftlogin prompt in Outlook 2024 on Windows 11 despite successful domain authentication&valid Exchange connectivity?How can this issue be permanently resolved without requiring users use browsers

MJ Gowhar 0

When configuring official email accounts in Microsoft Outlook (Microsoft 365 / Office 2024) on Windows 11 systems, users are able to successfully authenticate with their domain credentials (Active Directory username and password). The mailbox connects initially, confirming that credentials are valid, as users can also access their mailboxes via webmail and mobile applications without issue.

However, after a few seconds, Outlook repeatedly prompts for Microsoft account login credentials, displaying the Microsoft sign-in window in a loop—even after canceling the prompt or closing Outlook. This issue persists across multiple devices and user accounts, even after performing the following troubleshooting steps:

Clearing Outlook and Windows Credential Manager caches

Deleting .dat and profile-related files

Reinstalling Office 2024 on a fresh Windows 11 installation

The repeated Microsoft login prompt reappears regardless of these actions. This issue seems to affect multiple users in the organization.

Question:

Ravi Teja Morampudi 660 Reputation points Microsoft External Staff

2025-10-23T08:32:22.2166667+00:00
Hello MJ Gowhar,

A persistent Microsoft account login prompt in Outlook after initial successful Active Directory authentication suggests a conflict with cached credentials, authentication settings, or connectivity to Microsoft 365 services. Since the issue affects multiple devices and users, it's likely a configuration or policy issue rather than a localized profile problem.

The most probable cause is a misconfiguration of Modern Authentication, which uses OAuth 2.0 and is a requirement for securely connecting to Microsoft 365. The Windows installation may be failing to properly store the necessary authentication tokens, resulting in a loop of login prompts.

Potential causes

Hybrid authentication conflict: Your organization's environment may be a hybrid setup with both on-premises Exchange and Microsoft 365. This can lead to Outlook trying and failing to authenticate against the wrong service.

Modern Authentication misconfiguration: Outlook needs to be correctly configured to use Modern Authentication for Microsoft 365 mailboxes. If this is not set up correctly, Outlook can revert to older authentication methods, which fail.

Disabled Web Account Manager (WAM): The Web Account Manager is a Windows component responsible for handling authentication. If its components are disabled or corrupted, Outlook will fail to save the authentication tokens needed to maintain a connection.

Incorrect registry key: Certain registry settings can interfere with the Outlook Autodiscover process, causing it to fail and repeatedly ask for credentials. This can happen if Outlook is incorrectly attempting to check the Office 365 endpoint.

Solutions

Re-enable the Web Account Manager (WAM) Since multiple reinstallations haven't resolved the problem, the underlying Windows credentials cache may be corrupted. Use the PowerShell script provided by Microsoft to repair the WAM plugins.

Open Windows PowerShell as an administrator.

Execute the following command: if ((Get-OrganizationApp -Identity "Microsoft.AAD.BrokerPlugin").Enabled -eq $true) { Start-Process -FilePath "powershell" -ArgumentList "-ExecutionPolicy Bypass -NoProfile -NoExit -Command Add-AppxPackage -Register 'C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AppxManifest.xml' -DisableDevelopmentMode" } else { Write-Host "Microsoft.AAD.BrokerPlugin is not enabled for your tenant." }

Restart Outlook and test the connection.

Modify the registry to bypass Office 365 Autodiscover If your organization uses a hybrid setup, this registry change can stop Outlook from incorrectly attempting to authenticate against the Office 365 endpoint.

Open the Registry Editor (regedit.exe).

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover.

Create a new DWORD (32-bit) Value named ExcludeExplicitO365Endpoint.

Set the value to 1.

Close the Registry Editor and restart Outlook.

Manually add credentials with the correct format While you've cleared the Credential Manager, domain policy settings might be re-creating incorrect entries. Force the use of the Domain\Username format instead of the UPN (User Principal Name).

Close all Microsoft 365 apps.

Open Credential Manager from the Control Panel.

Go to Windows Credentials.

Remove any Generic Credentials entries related to Office, Outlook, or Microsoft 365.

Click Add a Windows credential.

For the internet or network address, enter the Exchange server address.

For the username, enter your domain credentials in the format: yourdomain\username.

Enter your password and click OK.

Restart Outlook.

Check Conditional Access Policies If your organization uses Microsoft Entra ID (Azure AD), a Conditional Access policy may be blocking access or requiring an additional sign-in.

As an administrator, review your Conditional Access policies in the Microsoft Entra admin center to ensure that Outlook is not being blocked.

Disable cached mode As a last resort for troubleshooting, temporarily disabling Cached Exchange Mode can determine if the issue is with the local offline data file.

In Outlook, go to File > Account Settings > Account Settings.

Select your email account and click Change.

Uncheck the box for Use Cached Exchange Mode.

Restart Outlook. If the prompt disappears, the issue is with your OST file. Create a new Outlook profile and let it rebuild the OST file.

Regards,

Raviteja M.

1 answer

Your answer

Answer 1

Dear @MJ Gowhar
Thank you for posting your question in the Microsoft Q&A forum. I understand that Outlook connects successfully at first but then repeatedly shows a Microsoft sign-in prompt, even after clearing credentials and reinstalling Office.
Based on your description, they are likely caused by a misconfiguration in how Outlook handles Modern Authentication (OAuth 2.0) tokens.

Even though users can initially connect and access their mailbox, Outlook may fail to retain the authentication token due to issues with Windows’ Web Account Manager (WAM), hybrid authentication conflicts, or incorrect Autodiscover behavior. This results in Outlook repeatedly requesting credentials.

To better assistance, could you please confirm following information:

Are you using Classic Outlook or the New Outlook for Windows?
Is the device Azure AD joined, Hybrid joined, or only domain joined?
Do you have any Conditional Access policies applied?
Is the device Intune-enrolled and compliant?
Do you see any error codes in the sign-in prompt?
Are you using third-party antivirus or endpoint security that could block Microsoft.AAD.BrokerPlugin?
Does this happen on all devices or only specific ones?
Have you recently enabled Token Protection or changed MFA settings?

In the meantime, I recommend these steps below:

1. Repair Windows Token Storage (WAM): Re-register the AAD Broker Plugin

Outlook relies on Windows’ Web Account Manager (WAM) to store authentication tokens. If WAM is broken or missing, Outlook cannot retain login tokens, causing repeated prompts.

Open PowerShell as Administrator.
Run the following command to re-register the AAD Broker Plugin: PowerShellGet-AppxPackage Microsoft.AAD.BrokerPlugin | Reset-AppxPackage Show more lines
Restart the computer.
Launch Outlook and sign in again.

This restores the token handling mechanism so Outlook can retain the login session.

2. Force Outlook to Use Correct Autodiscover Endpoint

In hybrid environments, Outlook may incorrectly try to authenticate against Office 365 instead of the on-prem Exchange server. This causes unnecessary Microsoft login prompts.

Open Registry Editor (regedit.exe).
Navigate to: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
Add a new DWORD (32-bit) value: ExcludeExplicitO365Endpoint
Set its value to 1.
Restart Outlook.

This forces Outlook to skip the Office 365 endpoint during Autodiscover, preventing the wrong login prompt.

3. Ensure Modern Authentication is Enabled
Outlook 2024 uses Modern Authentication (OAuth 2.0) by default. If the server or client isn’t configured to support it, login tokens won’t work properly.

On the Outlook Client:

Open Registry Editor.
Add or verify these keys:
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity EnableADAL = 1 (DWORD) and HKEY_CURRENT_USER\Software\Microsoft\Exchange AlwaysUseMSOAuthForAutoDiscover = 1 (DWORD)

4. Review Conditional Access Policies

Azure AD Conditional Access policies may block Outlook desktop sign-ins or require additional authentication steps.

Sign in to Microsoft Entra Admin Center.
Navigate to Conditional Access.
Review policies targeting:
- “All cloud apps”
- “Office 365” or “Exchange Online”
Check for requirements like:
- MFA
- Compliant device
- App restrictions

Adjust policies to allow Outlook desktop clients or create exceptions if needed.

5. Use Classic Outlook (if applicable)

The New Outlook for Windows (preview) has limited support for hybrid and on-prem Exchange environments.

Open Outlook.
Toggle off “New Outlook” from the top-right corner (if available).
If not available, uninstall New Outlook and reinstall the classic Outlook client from Microsoft 365 Apps.
Launch classic Outlook and configure the account.

Classic Outlook supports full authentication flows and avoids the limitations of the preview client.

Please understand that our initial response does not always resolve the issue immediately. However, with your help and more detailed information, we can work together to find a solution.

I truly appreciate your patience and understanding. If you have any further questions or need further clarification, please feel free to reach out. I'm looking forward to hearing from you.

Thank you for your cooperation.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

undefined

Wing Yeung 0 Reputation points

2026-05-04T00:00:19.19+00:00

hi Expert ，

I have tired the above steps in two PCs. But the problem was persistent.

My running environment is Windows 11 and Outlook 2024. The Windows Security password prompt from Microsoft Outlook ( Classic) not Microsoft 365 was repeatedly prompt from time to time.

I tried to close the Outlook and restart again. It didn’t require to input password. That mean the Credentials Password setting is correct and without any issue.

Can expert advise what else I can do ?
Hornblower409 8,200 Reputation points

2026-05-05T16:18:58.0366667+00:00

@Wing Yeung
You need to start a new thread using the "Ask a question" button at the top of this page to create a new Question and include the details for your specific problem. This provides much higher visibility to your issue than commenting on an old post, which is only seen by people who are already following this question.

(You can put the link for this page in your new Question for reference)

Share via

Wt cld be the root cause of this recurring microsftlogin prompt in Outlook 2024 on Windows 11 despite successful domain authentication&valid Exchange connectivity?How can this issue be permanently resolved without requiring users use browsers

1 answer

Your answer