Account
Session Management & Security
Understand and manage your active sessions, devices, and security settings.
Active Sessions
You can view and manage all your active sessions:
- Go to Settings → Account → Sessions
- See a list of all devices and browsers where you're signed in
- Each session shows: device type, browser, location (approximate), last active time
- Click "Revoke" next to any session to immediately sign it out
Session Policies
| Setting | Default | Configurable |
|---|---|---|
| Session timeout (inactivity) | 24 hours | No (deployment level only) |
| Maximum session duration | 30 days | No (deployment level only) |
| Concurrent sessions allowed | Unlimited | No (deployment level only) |
| Re-authentication for sensitive actions | Enabled | No |
Sensitive Actions Requiring Re-authentication
- Changing your password
- Enabling/disabling MFA
- Modifying billing information
- Downloading bulk data exports
- Deleting vendors or contracts
Security Recommendations
- Always sign out when using shared or public computers
- Review your active sessions periodically and revoke any you don't recognize
- Enable MFA for an additional layer of protection
- If you suspect unauthorized access, immediately change your password and revoke all sessions
Signing Out
- Click your profile avatar (top-right) → "Sign Out"
- This ends your current session only
- To sign out of all devices: Settings → Account → Sessions → "Sign Out All Devices"