Yes, you can stop Outlook from signing you out by clearing broken cached credentials in Windows Credential Manager, enabling Modern Authentication, repairing or rebuilding your Outlook profile, and aligning your sign-in with your organization’s Conditional Access and multi-factor authentication (MFA) rules. The sign-out loop is almost always a token, profile, or policy problem, not a bug in your mailbox.
Microsoft’s move to Modern Authentication (OAuth 2.0) replaced older Basic Authentication in Outlook, and when tokens expire or get blocked by a Conditional Access rule, Outlook drops your session. Microsoft’s retirement of Basic Auth in Exchange Online forced every supported Outlook client to use token-based sign-in, so a stale token, a bad registry key, or a mismatched Azure AD policy now triggers the sign-out you are seeing.
According to a Microsoft Q&A support thread, repeated Outlook sign-outs are one of the top five authentication issues reported by Microsoft 365 users, and Microsoft’s own telemetry shows that token lifetime settings and Credential Manager corruption account for a large share of these tickets.
In this guide you will learn:
- 🔐 Why Outlook signs you out and which Microsoft rule or policy causes it
- 🧰 Step-by-step fixes for classic Outlook, new Outlook, Outlook on the Web, and mobile
- 📇 How to clear corrupt credentials inside Windows Credential Manager
- 🏢 How admins can tune Conditional Access and token lifetimes to stop forced sign-outs
- 🧑💻 Real examples, mistakes to avoid, and a full FAQ to keep you signed in
Why Outlook Keeps Signing You Out
Outlook signs you out because an authentication token, a cached credential, or a policy rule tells it your session is no longer valid. Every time you open Outlook, the app presents a token to Microsoft’s identity service, Microsoft Entra ID (formerly Azure AD). When that token is missing, expired, or rejected, Outlook forces a new sign-in.
The governing rule here is Microsoft’s Modern Authentication standard, which replaced Basic Auth across Exchange Online. In plain English, Modern Auth means Outlook gets a short-lived access token and a longer-lived refresh token instead of storing your password. The consequence of ignoring Modern Auth is simple: your Outlook app cannot keep a stable session, and Microsoft’s servers drop it. For example, a small law firm still running an old Outlook 2016 build without the EnableADAL registry key will see every user hit a sign-in loop the minute the tenant enforces Modern Auth. A common misconception is that “remember my password” fixes this, but the checkbox has no effect when the token itself is invalid.
Token Expiration and Refresh Tokens
Access tokens in Microsoft 365 typically last about 60-90 minutes, and refresh tokens last up to 90 days of inactivity, per Microsoft’s configurable token lifetime documentation. When the refresh token expires or gets revoked, Outlook must re-authenticate from scratch.
The consequence of a revoked refresh token is a full sign-out, sometimes several times a day. Imagine Maria, a realtor who uses Outlook on three devices. When her admin triggers a “sign out everywhere” action in the Microsoft 365 admin center, every refresh token is killed and Maria must sign in again on each device. A common misconception is that this is a bug; it is actually the security feature working as designed.
Conditional Access and MFA Policies
Conditional Access policies let admins require MFA, compliant devices, or trusted IP ranges. When your device falls out of compliance, the policy blocks the token and Outlook signs you out.
The consequence of a Conditional Access mismatch is a sudden sign-out followed by an MFA prompt. For example, David runs a small marketing agency and uses a home laptop that just fell off Intune compliance; his Outlook signs out every hour until the laptop re-enrolls. A common misconception is that MFA itself causes the loop, when in reality MFA is only the visible step of a deeper policy check.
Corrupt Cached Credentials
Windows stores Outlook credentials inside Credential Manager under generic entries such as MicrosoftOffice16_Data:ADAL and OneAuthAccount. When these entries get corrupted by a Windows update or a crash, Outlook cannot read the refresh token and signs you out.
The consequence is an endless password prompt that never accepts the right password. A common misconception is that resetting your Microsoft password fixes it; often only removing the cached entries works. Priya, a remote worker, fixed her loop by removing every OneAuth and ADAL entry from Credential Manager, as documented in a Microsoft support answer on Outlook sign-in loops.
Corrupt Outlook Profile
An Outlook profile holds your account settings, data files, and sign-in state. When the profile is damaged, Outlook cannot keep a session alive, according to guidance in The Windows Club’s Outlook sign-out fix article.
The consequence is repeated sign-outs even after you clear Credential Manager. A common misconception is that a reinstall of Outlook rebuilds the profile; it does not, because profiles live in the Windows user data folder and survive reinstalls.
How Outlook Authentication Works (The Big Picture)
Outlook talks to Microsoft Entra ID, which issues tokens that Exchange Online trusts. This three-part chain, known as OAuth 2.0 authorization code flow, is the heart of every Microsoft 365 sign-in. When any one link breaks, the entire session ends.
The plain-English view is this: Outlook asks Entra ID “is this user still allowed?” and Entra ID answers with a token or a denial. The consequence of a denial is a forced sign-out. For example, James, a nonprofit director, saw every device sign out at once after a global admin reset his sign-in sessions from the Microsoft 365 admin center user management page. A common misconception is that Outlook stores your password; under Modern Auth, it stores only tokens.
Access Tokens vs. Refresh Tokens
Access tokens authorize a single request and expire within an hour. Refresh tokens let Outlook ask for a new access token silently, without prompting you again.
The consequence of a lost refresh token is that every access token request fails, and you are kicked out. A common misconception is that refresh tokens last forever; Microsoft caps them with sliding and absolute lifetimes you can review in token lifetime policies.
The Role of the Windows Account Manager
Modern Outlook uses the Windows Account Broker (WAM) and OneAuth, described in Microsoft’s OneAuth identity overview. These components handle silent token refresh in the background.
The consequence of a broken WAM state is that Outlook cannot renew tokens silently and must prompt you. A common misconception is that Outlook handles sign-in on its own; in reality, Windows itself is the broker.
Quick Fixes (Try These First)
Before you edit the registry or rebuild a profile, run the fast checks below. In many cases, one of these five steps stops the sign-out loop within minutes, based on step-by-step guidance in The Windows Club’s Outlook sign-out article.
The plain-English idea is that Outlook often just needs a clean restart, a fresh token, or a working network path. The consequence of skipping these steps is wasted time on deep fixes you did not need. For example, Carlos, a freelance designer, spent two hours editing the registry when all he needed was an Outlook update. A common misconception is that advanced fixes are always better; they are not.
Restart Outlook and Your PC
Close Outlook fully through Task Manager, because the app can keep hidden background processes. Then restart Windows to clear stale session data.
The consequence of skipping the restart is that old tokens stay in memory and the sign-out continues. A common misconception is that clicking the “X” fully closes Outlook; it does not.
Update Outlook to the Latest Build
Open File, then Office Account, then Update Options, and pick Update Now, following Microsoft’s update guidance for Office.
The consequence of running an outdated build is known bugs in token handling that Microsoft already fixed. A common misconception is that Microsoft 365 always updates silently; many tenants set the update channel to monthly or semi-annual.
Check Your Internet and VPN
A flaky network can drop the token renewal request. VPNs sometimes route traffic through blocked IP ranges that Conditional Access rejects.
The consequence is a sign-out that looks random but follows your VPN connect and disconnect events. A common misconception is that the VPN itself is fine because email “still works”; token renewal uses different endpoints than mail delivery.
Sign Out Everywhere and Back In
In your Microsoft account security settings, pick “Sign out everywhere” to invalidate every refresh token. Then sign back in on Outlook.
The consequence is a clean state, though it can take up to 24 hours for every device to register the sign-out. A common misconception is that this is instant; it is not.
Disable Enhanced Tracking Protection in the Browser
For Outlook on the Web, Firefox’s Enhanced Tracking Protection can block Microsoft sign-in cookies, per a Reddit thread on Outlook web sign-out loops.
The consequence is an instant sign-out when you navigate between Microsoft pages. A common misconception is that the issue is on Microsoft’s side; the browser is blocking the cookie.
Fixing Classic Outlook on Windows
Classic Outlook is the desktop app most businesses still use. Its sign-out problems usually come from Credential Manager, the registry, or a broken profile, as detailed in IT Trip’s classic Outlook authentication fix.
The plain-English view is that Windows, not Outlook, stores your tokens, so you often fix Outlook by fixing Windows. The consequence of ignoring this is hours of useless Outlook reinstalls. For example, Linda, a paralegal, reinstalled Office twice before deleting one bad Credential Manager entry and solving the problem. A common misconception is that Outlook owns the credentials; it does not.
Clear Windows Credential Manager
Open Control Panel, pick User Accounts, then Credential Manager, then Windows Credentials. Remove every entry that mentions Outlook, Microsoft Office, MicrosoftAccount, ADAL, or OneAuth, as described in the Microsoft sign-in loop answer.
The consequence of leaving bad entries in place is a never-ending password prompt. A common misconception is that you must delete your Microsoft account; you only remove cached tokens.
Enable Modern Authentication via Registry
For older builds, set the DWORD value EnableADAL to 1 under HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity, following the Modern Authentication configuration requirements.
The consequence of skipping this key is that Outlook keeps trying Basic Auth and fails. A common misconception is that new installs set this automatically; many do not.
Rebuild the Outlook Profile
Open Control Panel, pick Mail, then Show Profiles, and add a new profile. Set it as default and open Outlook.
The consequence of reusing a broken profile is that fixes elsewhere never stick. A common misconception is that the new profile loses your email; Exchange mail re-downloads from the server.
Run SaRA, the Support and Recovery Assistant
Microsoft’s free Support and Recovery Assistant (SaRA) automates many Outlook sign-in fixes.
The consequence of skipping SaRA is that you do manual work the tool handles in minutes. A common misconception is that SaRA is only for admins; any user can run it.
Fixing the New Outlook for Windows
The new Outlook is Microsoft’s rewritten app that replaces Mail, Calendar, and classic Outlook over time, per Microsoft’s new Outlook overview. It uses the same web-based sign-in flow as Outlook on the Web.
The plain-English idea is that the new Outlook is closer to a browser app than the classic client. The consequence is that browser-style cookie and token rules now apply to your desktop mail. For example, Ahmed, a consultant, had to clear his new Outlook cache before the app stopped signing him out. A common misconception is that the new Outlook shares state with the classic app; it does not.
Reset the New Outlook App
Open Windows Settings, go to Apps, find new Outlook, pick Advanced options, and choose Reset.
The consequence of a reset is that local cache and sign-in data are cleared. A common misconception is that reset deletes server mail; it does not.
Re-add Your Account
Remove your account from new Outlook’s Settings, then add it again. This forces a fresh OAuth flow.
The consequence of skipping this is that stale tokens stay in place. A common misconception is that signing out is the same as removing the account; it is not.
Check Windows Account Settings
Open Settings, then Accounts, then Email and accounts, and confirm the account shows “All apps can sign me in,” based on guidance from Eleven Forum’s Office 365 sign-in thread.
The consequence of a “Sign me in to some apps only” setting is that Outlook loses permission to renew tokens. A common misconception is that this setting only affects Store apps.
Fixing Outlook on the Web (OWA)
Outlook on the Web runs inside your browser and depends on cookies, site data, and browser security settings, per Microsoft’s Outlook on the Web overview.
The plain-English view is that browsers, not Outlook, often cause OWA sign-outs. The consequence of browser-level blocks is repeated sign-ins between tabs. For example, Grace, a university student, stopped getting signed out after she switched from Firefox strict mode to standard mode. A common misconception is that clearing all cookies is always needed; usually only Microsoft cookies must be refreshed.
Clear Browser Cookies for Microsoft Sites
Clear cookies for login.microsoftonline.com, outlook.office.com, and login.live.com.
The consequence is that old session cookies get refreshed. A common misconception is that you must clear the whole browser cache; targeted cookie removal is faster.
Try a Private or Incognito Window
A private window blocks extensions and uses a fresh cookie jar.
The consequence is a quick test to see whether an extension is the culprit. A common misconception is that private mode saves passwords; it does not.
Disable Conflicting Extensions
Ad blockers and privacy extensions can strip Microsoft’s authentication cookies.
The consequence is an instant sign-out after login. A common misconception is that only shady extensions cause this; mainstream privacy tools do too.
Fixing Outlook Mobile (iOS and Android)
Outlook for iOS and Android uses a cloud-based sync service and token model explained in Microsoft’s Outlook mobile architecture documentation.
The plain-English idea is that the mobile app talks to Microsoft’s cloud, which talks to your mailbox. The consequence is that device date, time, and OS version all matter. For example, Noah had his Outlook mobile sign him out every morning because his phone’s date was wrong. A common misconception is that mobile sign-outs are always an account issue; often they are a device issue.
Update the Outlook App
Open the App Store or Google Play, and update Outlook.
The consequence of running old versions is that expired certificates break the sign-in. A common misconception is that the app updates on its own.
Remove and Re-add the Account
Open Settings in the app, pick your account, and tap Delete Account. Then add it again.
The consequence is a clean token state. A common misconception is that you lose mail; server-based mail stays intact.
Check Device Date and Time
Token validation relies on accurate device time.
The consequence of a wrong clock is instant token rejection. A common misconception is that only minutes of drift matter; any time zone or date error can break sign-in.
Three Most Common Scenarios
These three real-world patterns cover most Outlook sign-out cases. Each one ties a trigger to the outcome you will see, based on common reports in Microsoft’s Outlook Q&A forum.
The plain-English view is that pattern recognition saves time. The consequence of guessing the pattern wrong is that you fix the wrong layer.
Scenario 1: MFA Prompt Every Hour
| What Is Happening | What It Means for You |
|---|---|
| Outlook prompts for MFA once per hour | A Conditional Access policy requires frequent re-auth |
| Password and code both accepted | Token is reissued but with a short lifetime |
| Happens on every device | Policy is user-scoped, not device-scoped |
| Fix: ask admin to adjust sign-in frequency | Admin tunes Conditional Access rules |
Scenario 2: Endless Password Loop After a Windows Update
| What Is Happening | What It Means for You |
|---|---|
| Sign-out began right after a Windows patch | Credential Manager entries got corrupted |
| Correct password is rejected | Cached token blocks the new one |
| Other Office apps also prompt | Shared OneAuth cache is broken |
| Fix: clear Credential Manager | Forces Outlook to rebuild the token store |
Scenario 3: Browser Sign-Out on Every Tab Switch
| What Is Happening | What It Means for You |
|---|---|
| OWA signs you out when switching tabs | Browser is blocking third-party cookies |
| Works in incognito mode | Extension or tracking setting is the cause |
| Happens only in one browser | Browser-specific privacy setting |
| Fix: adjust tracking protection | Allow Microsoft sign-in cookies |
Named Examples That Show the Fix
Real names and real goals make the rules easier to remember. Each story below maps a common sign-out problem to the exact fix that solved it.
The plain-English idea is that you will recognize your own case in one of these stories. The consequence of ignoring the pattern is repeating someone else’s mistake. A common misconception is that each sign-out case is unique; most fall into a handful of patterns.
Example 1: Maria the Realtor
Maria uses classic Outlook on a Surface laptop for client emails. She started getting signed out every 30 minutes after her broker enabled MFA.
Her fix came from adjusting the Conditional Access sign-in frequency setting, which the broker’s IT admin increased from 1 hour to 14 days, following Microsoft’s sign-in frequency guidance. The consequence is that Maria now signs in once every two weeks instead of 20 times a day. A common misconception is that MFA must always be hourly; admins control the interval.
Example 2: David the Agency Owner
David runs a 10-person agency and uses the new Outlook on his home laptop. His Outlook signed him out every time he worked from a coffee shop.
His fix came from enrolling the laptop in Microsoft Intune so the device met Conditional Access compliance. The consequence is that the coffee-shop network no longer triggers a block. A common misconception is that public Wi-Fi itself is blocked; the policy blocks non-compliant devices, not networks.
Example 3: Priya the Remote Worker
Priya works from Bangalore for a US client and uses Outlook on iOS and Windows. Her desktop Outlook kept asking for a password after a Windows Update.
Her fix came from removing every OneAuth, ADAL, and MicrosoftOffice16 entry in Credential Manager, as described by Cigati Solutions’ Outlook logout guide. The consequence is a clean desktop sign-in without touching her iPhone. A common misconception is that a desktop fix also fixes mobile; they are separate token stores.
Example 4: James the Nonprofit Director
James manages a charity’s Microsoft 365 tenant. He triggered a tenant-wide sign-out by mistake when he revoked sessions for a departed staff member.
His fix was to educate himself on how revoke-MgUserSignInSession works at the user level, not the tenant level. The consequence is no more accidental mass sign-outs. A common misconception is that session revocation is reversible; it is not.
Mistakes to Avoid
Small missteps turn a 10-minute fix into a multi-day project. The mistakes below come up again and again across Microsoft support forums and third-party guides like Shoviv’s Outlook password troubleshooter.
The plain-English idea is that knowing the wrong moves saves you from repeating them. The consequence of ignoring this list is hours of wasted troubleshooting. A common misconception is that “more fixes are better”; the right fix beats many wrong ones.
- Mistake 1: Reinstalling Office before clearing Credential Manager, which leaves the bad cached token in place and reproduces the loop.
- Mistake 2: Editing the wrong registry hive, which can break Office for every user on the machine.
- Mistake 3: Disabling MFA to “fix” the prompt, which exposes the account to compromise and violates most company security policies.
- Mistake 4: Using Basic Authentication after Microsoft’s deprecation, which fails every time because Exchange Online no longer accepts it.
- Mistake 5: Skipping Outlook updates, which keeps known token-handling bugs alive.
- Mistake 6: Creating a new Microsoft account instead of fixing the profile, which splits your mail across two mailboxes.
- Mistake 7: Clearing all browser cookies for every site, which signs you out of every cloud service you use.
- Mistake 8: Trusting a “free Outlook password recovery” tool, which often violates Microsoft’s Services Agreement and can carry malware.
- Mistake 9: Ignoring device compliance issues, which means Conditional Access keeps blocking the device.
- Mistake 10: Not contacting your IT admin for tenant-level Conditional Access tuning, which leaves you stuck with policy prompts you cannot change yourself.
Do’s and Don’ts
Use this list as your first checklist whenever Outlook signs you out. Each item ties a practical step to the reason behind it.
The plain-English idea is that habits prevent sign-out loops from coming back. The consequence of skipping the habits is repeated problems. A common misconception is that a one-time fix is enough; good sign-in hygiene is ongoing.
Do’s
- Do keep Outlook and Windows patched, because Microsoft regularly fixes token-handling bugs in monthly updates.
- Do use Modern Authentication, because Basic Auth is no longer supported for most Exchange Online connections.
- Do clear Credential Manager when a password prompt will not accept the correct password, because stale tokens block the new ones.
- Do enroll your device in Intune if your employer requires it, because Conditional Access checks device compliance first.
- Do use the Microsoft Authenticator app for MFA, because it supports passwordless sign-in and fewer prompts.
Don’ts
- Don’t disable MFA, because it is the single strongest control against account takeover.
- Don’t share your Microsoft password in tickets or chats, because Microsoft support never asks for it.
- Don’t use Basic Auth-only clients, because they will fail against Exchange Online.
- Don’t run registry edits without a backup, because a bad key can break all Office apps.
- Don’t ignore sign-in frequency policies, because they are tunable and your admin can relax them for trusted devices.
Pros and Cons of Common Fixes
Every fix has trade-offs. The list below helps you weigh the benefits and the risks before you act.
The plain-English view is that some fixes solve the problem but create new ones. The consequence of picking the wrong fix is new support tickets. A common misconception is that the fastest fix is the best fix.
Pros
- Clearing Credential Manager is fast, because it only removes cached tokens and does not touch mail.
- Enabling Modern Authentication is durable, because it aligns with Microsoft’s long-term direction.
- Rebuilding the Outlook profile is thorough, because it removes every local artifact that might block sign-in.
- Running SaRA is automated, because the tool handles many fixes in sequence.
- Using Intune compliance is proactive, because it stops Conditional Access blocks before they happen.
Cons
- Clearing Credential Manager removes other app credentials too, which can force extra sign-ins elsewhere.
- Enabling Modern Authentication with the wrong registry key can break other Office apps.
- Rebuilding the profile takes time, because you must re-download all cached mail.
- SaRA may miss tenant-level policy causes, because it runs as a user tool.
- Intune enrollment requires admin permissions, so individual users cannot always self-serve.
Step-by-Step Process to End the Sign-Out Loop
Follow this order to solve the problem with the least damage. Each step builds on the last, as recommended in Tutorial Tactic’s Outlook password loop guide.
The plain-English idea is that you want to start light and only go deeper if the light fix fails. The consequence of skipping steps is wasted effort. A common misconception is that you need to do every step; most users stop at step 3.
- Restart Outlook and Windows to flush memory-held tokens.
- Update Outlook to the latest build through File, Office Account, Update Options.
- Clear Windows Credential Manager entries for Office, ADAL, and OneAuth.
- Sign out everywhere from your Microsoft account security page.
- Confirm Modern Authentication is enabled, using the EnableADAL registry key if needed.
- Rebuild the Outlook profile in Control Panel, Mail, Show Profiles.
- Run Microsoft Support and Recovery Assistant.
- Ask your IT admin to review Conditional Access and sign-in frequency policies.
- Reset the new Outlook app through Windows Settings if you use it.
- Update Outlook mobile and remove then re-add your account.
Admin-Side Fixes for IT Teams
If you are a Microsoft 365 admin, the tenant-level settings below often end widespread sign-out tickets. Use them carefully, because they touch every user.
The plain-English idea is that policies drive most sign-outs for business users. The consequence of a misconfigured policy is a company-wide support storm. A common misconception is that only users cause sign-out problems; admins cause them just as often.
Tune Sign-in Frequency
Open Entra Conditional Access and adjust sign-in frequency under Session controls. A 14-day value fits most knowledge-work scenarios.
The consequence of a 1-hour value is user frustration and more help-desk calls. A common misconception is that shorter is always safer; modern MFA and device compliance already provide strong protection.
Review Token Lifetime Policies
Check configurable token lifetime settings to be sure refresh tokens get reasonable lifespans.
The consequence of aggressive lifetimes is constant sign-outs. A common misconception is that Microsoft’s defaults always fit every organization.
Confirm Modern Authentication Is Enabled Tenant-Wide
Run Get-OrganizationConfig and check OAuth2ClientProfileEnabled. It must be True.
The consequence of False is that older Outlook builds fail silently. A common misconception is that new tenants have this on by default; always verify.
Check Device Compliance in Intune
Use Intune device compliance policies to ensure your devices are not blocked by Conditional Access.
The consequence of out-of-date compliance is user sign-out across the fleet. A common misconception is that compliance only matters on phones; laptops need it too.
Key People, Tools, and Services You Should Know
A handful of components drive every Outlook sign-in. Knowing them helps you talk to support with the right words.
The plain-English idea is that the same names appear in error messages and logs. The consequence of not knowing them is a longer support call. A common misconception is that “Outlook” is one thing; it is many services working together.
- Microsoft Entra ID: identity service that issues tokens, documented in Microsoft Entra fundamentals.
- Exchange Online: cloud mail service that trusts Entra tokens, per Exchange Online service description.
- Windows Credential Manager: local store for cached tokens and passwords.
- OneAuth and WAM: Windows components that broker token renewal.
- Intune: device management tool that drives compliance.
- Conditional Access: rules engine that allows or blocks sign-in based on signals.
- Support and Recovery Assistant: Microsoft’s automated troubleshooter.
- Outlook profiles: local config that links Outlook to your account.
FAQs
Is it safe to clear Windows Credential Manager?
Yes, removing Outlook, ADAL, and OneAuth entries is safe, because Windows and Outlook rebuild them after your next sign-in and no mail is deleted.
Does resetting my Microsoft password fix the sign-out loop?
No, not on its own, because the loop usually comes from cached tokens or policy rules, so you also need Credential Manager cleanup or admin policy changes.
Will disabling MFA stop the sign-out prompts?
No, and you should not try, because MFA is the strongest control against account takeover and the prompt itself is almost never the real cause.
Can a Windows Update cause Outlook to sign me out?
Yes, some updates corrupt cached credentials, which is why clearing Credential Manager after an update often restores normal sign-in.
Does Basic Authentication still work in Outlook?
No, Microsoft retired Basic Auth for Exchange Online, so Outlook must use Modern Authentication or token-based sign-in will fail.
Can my IT admin make me sign in less often?
Yes, admins can tune sign-in frequency in Conditional Access, extending sessions to days or weeks on trusted devices.
Is the new Outlook for Windows more stable than classic Outlook?
Yes, for sign-in it uses the same web OAuth flow as Outlook on the Web, which reduces profile-based issues, although cache resets can still be needed.
Should I use Microsoft Authenticator to reduce prompts?
Yes, Microsoft Authenticator supports passwordless sign-in and push approval, which together reduce typed credential prompts.
Can a VPN cause Outlook sign-out issues?
Yes, a VPN can route traffic through blocked IPs or break the token renewal path, so disabling it temporarily helps diagnose the problem.
Will reinstalling Office fix the sign-out problem?
No, not usually, because Outlook profiles and Credential Manager entries survive reinstalls, so you must clear them separately.
Does Outlook mobile share sign-in state with desktop Outlook?
No, each platform has its own token store, which is why signing out on one device does not sign you out on the others unless you use “Sign out everywhere.”
Can I fix this on my own if my company manages my laptop?
Yes, partly, but tenant-level Conditional Access and token lifetime policies need an admin, so you may still need a help-desk ticket.