Cached credentials have been a thing for a long time, and that’s saved my bacon more than once.
The trouble here is that RDP will check the cached credentials first, even if the machine is online and able to check the authoritative creds. And then it doesn’t erase the obsolete cached creds. This is apparently only for Microsoft or Azure accounts, but ffs they’ve been pushing individuals and businesses that way for so long.
Cached credentials have been a thing for a long time, and that’s saved my bacon more than once.
The trouble here is that RDP will check the cached credentials first, even if the machine is online and able to check the authoritative creds. And then it doesn’t erase the obsolete cached creds. This is apparently only for Microsoft or Azure accounts, but ffs they’ve been pushing individuals and businesses that way for so long.
This most definitely is a security issue.
Meaning that Microsoft won’t fix it