We store unique identifiers of user sessions as entries in the database. During the authentication process, we check the user's login and password and, besides, identify the user by IP, the device's operating system and browser.
Check the list of active sessions systematically. The details of the session display in a table and unfold on click.
If you notice suspicious activity in the dashboard or assume that your login and password may have been intercepted, check the session data and revoke any sessions that you cannot identify, or all of the sessions at once. It is also advisable to change the password immediately and inform us about the situation launch for further checking.