Recently, I have noticed the Skype for Business client prompting for credentials when it ties to connect to Exchange Web Services for mailboxes in Exchange Online (EXO). The EXO tenant is configured for Modern Authentication (ADAL) and Azure Multi-Factor Authentication (Azure MFA) but Skype for Business is still on-premises using kerberos. So, when the Skype for Business client tries to connect to EWS in EXO, EXO is attempting to ask for ADAL and MFA, but the client isn’t configured to respond with it.
Microsoft has an article that describes this issue (https://support.microsoft.com/en-us/help/3126604/skype-for-business-mobile-users-can-t-sign-in-when-modern-authentication-is-enabled)
The solution is to create a registry value HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\LyncAllowAdalForNonLyncIndependentOfLync to enable the Skype for Business client to respond accordingly. Details can be found at https://support.microsoft.com/en-in/help/3082803/info-about-the-allowadalfornonlyncindependentoflync-setting-in-skype-for-business,-lync-2013,-and-exchange-online.