Cinoslots
보안

How do I see and revoke active sessions?

Profile → Security → Active sessions shows every device logged in. Sign out anything you don't recognize, then change your password.

Updated May 14, 20264,321회 조회97% 유용함

Where to find it

Profile → Security → Active sessions

For each session, you'll see:

  • Device (browser + OS, e.g. "Chrome 124 on macOS Sonoma")
  • IP address + ISP + approximate location (city + country, derived from IP)
  • First login timestamp (when this session was created)
  • Last activity (when this session last hit our server)
  • Sign out button per session

The session you're currently using is marked with a green dot.

What to do if you see something unfamiliar

  1. Sign that session out immediately (the button is per-session)
  2. Change your password (change-password)
  3. Rotate your 2FA secret (Profile → Security → Reset 2FA — invalidates all backup codes too)
  4. Review recent withdrawals — if any went to addresses you didn't add, contact support immediately
  5. Add the unknown IP to your blocklist (Profile → Security → IP blocklist)

Sign out everywhere

The Sign out all other sessions button at the top kills every session except the current one. Use it when:

  • You've sold/given away an old laptop or phone
  • You used a friend's device and forgot to log out
  • Your password manager flagged a possible breach elsewhere

This forces password re-entry on every other device — including your own — but is harmless if you're careful.

"I see a session from {country I've never visited}"

Two scenarios:

1. You used a VPN (or your ISP routes through a different region)

Some ISPs and mobile carriers route traffic through unexpected geo-points. Check whether the device is otherwise correct (your usual browser, your usual phone fingerprint). If so, it's almost certainly your own session over an unusual route.

2. Real account compromise

If the device fingerprint also looks unfamiliar (different browser, different OS), follow the takeover-response steps above immediately. Then email [email protected] — we can run a full audit of recent activity and reverse fraudulent moves where possible.

Session lifetime

  • Web sessions: 30 days idle, then auto-expire
  • Mobile (PWA): 90 days idle
  • "Remember me" unchecked: closes when you close the browser tab

You can shorten the default lifetime under Profile → Security → Session length.

도움이 되었나요?

204명의 독자 중 97%가 도움이 되었다고 평가했습니다.

추가 도움이 필요하신가요?

24/7 팀이 1분 이내에 답변합니다.

관련 도움말

보안

How do I enable two-factor authentication (2FA)?

Profile → Security → Enable 2FA. Use an authenticator app (Aegis, Google Authenticator, 1Password) — never SMS.

12.4K회 조회99% 유용함
보안

What is a trusted device and should I mark mine as trusted?

Skips 2FA prompt on a specific device for 30 days. Use ONLY on personal devices you fully control.

2.8K회 조회93% 유용함
보안

My account is locked — how do I unlock it?

Most lockouts are 30-minute auto-cool-offs after failed login attempts. Permanent locks need manual review with ID.

5.6K회 조회93% 유용함