Sessions
Overview
Section titled “Overview”Sessions lists every device and browser currently signed into your GrowthOS account, along with rough location and last-active time for each. It is the fastest way to answer “is anyone else in my account right now.”
Each session can be revoked individually, which immediately signs that device out without affecting the others. There is also a sign-out-everywhere option for situations where you are not sure which session is suspicious and want to start clean.
Like two-factor authentication, sessions are tied to your personal account rather than one workspace, so revoking a session here signs it out of every organization you belong to, not just the one you are currently viewing.
What you can do here
Section titled “What you can do here”- See every active session with device, rough location, and last-active time.
- Revoke a single session you do not recognize.
- Sign out of every session at once if you suspect broader compromise.
- Confirm your current session after changing your password or two-factor settings.
When to use
Section titled “When to use”- Right after changing your password, to confirm no stale sessions remain.
- When you notice unexpected account activity.
- After losing a device that was signed in.
Prerequisites
Section titled “Prerequisites”- A signed-in member account.
- No special role required; sessions are personal.
Where to find it
Section titled “Where to find it”- Account menu → Security → Sessions
- Direct route:
/settings/security/sessions
Step-by-step
Section titled “Step-by-step”- Open
/settings/security/sessions. - Review the list of active sessions and their last-active time.
- Look for any device or location you do not recognize.
- Revoke the specific suspicious session, or use sign-out-everywhere if unsure.
- Sign back in on your own devices as needed.
- Change your password as well if you suspect the account itself was compromised.
What success looks like
Section titled “What success looks like”- Every session in the list corresponds to a device you actually recognize and use.
- You revoked a suspicious session within minutes of noticing it, not days.
- Sign-out-everywhere left only the devices you expected still signed in.
Tips & best practices
Section titled “Tips & best practices”- Check this page any time you get an unexpected login notification.
- Pair a sign-out-everywhere with a password change for maximum effect after a suspected compromise.
- Sessions are personal, so checking them here covers every workspace you belong to at once.
Common mistakes
Section titled “Common mistakes”- Ignoring an unfamiliar session instead of revoking it immediately.
- Assuming a revoked session only affects one workspace when it actually signs the device out everywhere.
- Changing your password without also reviewing sessions for stale access.