Dear Community:
When activating OAuth Refresh token and jabber local password caching. Jabber is able to sign after initial sign in without authentication: this is good while password stays the same. If domain password changes, jabber still able to sign in and that creates a security hole.
Any way to mitigate this?