Active Sessions
Monitor and manage devices logged into your account.
What are Sessions?
A session represents an active login to Zettabit. When you log in, a session is created that:
- Identifies your device
- Tracks your login time
- Maintains your authenticated state
- Records your IP address
Viewing Your Sessions
- Go to Settings > Security
- Find Active Sessions section
Session Information
| Field | Description |
|---|---|
| Device | Browser and operating system |
| IP Address | Network address |
| Location | Approximate location (based on IP) |
| Last Active | When the session was last used |
| Login Time | When the session was created |
Current Session
Your current session is marked with a badge:
- “Current” or “This device”
- Cannot be terminated (you’d log yourself out)
Terminating Sessions
To log out a specific device:
- Find the session in the list
- Click Terminate or the X icon
- Confirm the action
The session is immediately invalidated and the device is logged out.
Terminate All Sessions
To log out all devices except your current one:
- Click Terminate All Other Sessions
- Confirm the action
Use this if:
- You suspect unauthorized access
- You’ve lost a device
- You’re on a shared computer
- You’ve changed your password
Session Security
Automatic Expiry
Sessions expire automatically after:
- 30 days of inactivity (default)
- Configurable by administrator
Session Refresh
Active sessions are refreshed when you use Zettabit:
- Every action extends the session
- Idle sessions will eventually expire
Secure Session Handling
Zettabit protects your sessions with:
- Encrypted session tokens
- Secure cookie settings
- IP validation (optional)
- Browser fingerprinting
Recognizing Your Sessions
Each session shows device information:
Browser Examples
- Chrome on Windows
- Safari on macOS
- Firefox on Linux
- Mobile Safari on iOS
Location
Location is estimated from IP address:
- City and country
- May not be exact
- VPN users may see VPN server location
Suspicious Sessions
Watch for sessions you don’t recognize:
Warning Signs
- Unknown location
- Unknown device
- Old login you forgot about
- Login time when you weren’t working
If You See Suspicious Activity
- Terminate the session immediately
- Change your password
- Enable 2FA if not already enabled
- Review audit logs for unauthorized actions
- Contact administrator if concerned
Session Best Practices
- Log out from shared computers - Don’t stay logged in
- Review sessions regularly - Check for unauthorized access
- Use unique browsers - Helps identify sessions
- Enable 2FA - Prevents unauthorized logins
- Don’t share credentials - Each user should have their own account
Troubleshooting
Logged out unexpectedly
Possible causes:
- Session expired
- Admin terminated your session
- System maintenance
- Browser cleared cookies
Solution: Log in again.
Multiple sessions from same device
This can happen if you:
- Use different browsers
- Use incognito/private mode
- Clear cookies and log in again
Session location is wrong
IP-based location isn’t always accurate:
- VPNs show VPN server location
- Mobile data may show carrier location
- ISPs may route through different cities
This doesn’t indicate a problem unless combined with other suspicious signs.
Admin: Managing User Sessions
Administrators can view and manage all user sessions:
View All Sessions
In the admin panel:
- Go to Users
- Select a user
- View their active sessions
Terminate User Sessions
Force log out a user:
- Find their sessions
- Click Terminate
- Or Terminate All for that user
Use this if:
- User account is compromised
- User left the organization
- Suspicious activity detected
Session Policies
Configure session policies:
- Maximum session duration
- Idle timeout
- IP restriction
- Concurrent session limits