Security
Session Management
Control your active sessions, manage trusted devices, and understand session security.
Viewing active sessions
Go to Settings → Security → Active Sessions to see all devices currently logged into your Karsilo account. Each session shows the device type, browser, approximate location, and last activity time. This helps you quickly spot any sessions you don't recognize.
Revoking sessions
Click 'Revoke' next to any session to immediately log it out. Use 'Revoke All Other Sessions' to log out everywhere except your current device. This is useful if you suspect unauthorized access or after changing your password.
Session timeouts
Karsilo sessions automatically expire after 30 days of inactivity. If you'd like shorter timeouts for extra security, go to Settings → Security → Session Timeout and choose from 1 hour, 8 hours, 7 days, or 30 days. Shorter timeouts mean more frequent logins but better security.
Trusted devices
When you log in with 2FA, you can mark a device as trusted for 30 days. Trusted devices skip the 2FA code prompt during the trust period. You can view and remove trusted devices from the Active Sessions page. If a trusted device is lost or stolen, revoke it immediately.