Every time you sign in from a new browser or device, Zendrhax opens a session. The list of your active sessions is a quick way to check that only you have access to your account.
Find your sessions
- Sign in.
- Open
/settings. - Scroll to Active sessions.
Each row shows:
- An icon — 💻 for desktop, 📱 for mobile (heuristic from the user-agent string).
- The user-agent itself.
- The IP address that opened the session.
- The last activity timestamp (rendered in your local time).
- A Current badge on the session you're using right now.
Revoke a single session
Click Revoke next to any session that isn't yours. The session is invalidated immediately — the next time that browser hits the platform, it lands on the login screen.
The Revoke button only appears on non-current sessions. You can't revoke yourself out of the page you're on.
Revoke everything except this one
If you suspect someone else got into your account:
- Click Revoke all other sessions (button at the bottom of the section).
- Every session except the one you're on is invalidated.
- Change your password as well. Today, changing the password does NOT automatically end other sessions, so the two actions are separate steps.
Idle-timeout modal
If you've been idle on a tab for a while, the platform pops up a small modal asking if you want to stay signed in. The default idle threshold is 15 minutes (the platform admin can change it).
- Click Stay logged in → the tab keeps going.
- Ignore the modal → on the next click that session is signed out.
This prevents a tab you left open on a shared computer from staying alive forever.
I see a session I don't recognise
Three steps, in this order:
- Click Revoke on that specific session.
- Click Revoke all other sessions to be safe.
- Change your password — see Change your password.
- Enable two-factor authentication if it wasn't already on — see Two-factor authentication.
If the same suspicious session keeps coming back, write to support@zendrhax.com with the IP address and the timestamp and we'll help investigate.