diff --git a/lib/components/keyserver-connection-handler.js b/lib/components/keyserver-connection-handler.js
--- a/lib/components/keyserver-connection-handler.js
+++ b/lib/components/keyserver-connection-handler.js
@@ -31,6 +31,9 @@
   +keyserverID: string,
   +socketComponent: React.ComponentType<BaseSocketProps>,
 };
+
+const AUTH_RETRY_DELAY_MS = 60_000;
+
 function KeyserverConnectionHandler(props: Props) {
   const { socketComponent: Socket, keyserverID, ...rest } = props;
 
@@ -81,18 +84,18 @@
   const olmSessionCreator = React.useContext(OlmSessionCreatorContext);
   invariant(olmSessionCreator, 'Olm session creator should be set');
 
-  const authInProgress = React.useRef(false);
+  const [canPerformAuth, setCanPerformAuth] = React.useState(true);
   const isUserAuthenticated = useSelector(isLoggedInToKeyserver(keyserverID));
 
   React.useEffect(() => {
     if (
       !usingCommServicesAccessToken ||
-      authInProgress.current ||
+      !canPerformAuth ||
       isUserAuthenticated
     ) {
       return;
     }
-    authInProgress.current = true;
+    setCanPerformAuth(false);
 
     void (async () => {
       try {
@@ -148,7 +151,9 @@
           await dispatchActionPromise(logOutActionTypes, callLogOut());
         }
       } finally {
-        authInProgress.current = false;
+        setTimeout(() => {
+          setCanPerformAuth(true);
+        }, AUTH_RETRY_DELAY_MS);
       }
     })();
   }, [
@@ -164,6 +169,7 @@
     isUserAuthenticated,
     callLogOut,
     dataLoaded,
+    canPerformAuth,
   ]);
 
   if (keyserverID !== ashoatKeyserverID) {