The Connected Devices feature provides you with comprehensive visibility into all devices accessing your SMS and WhatsApp messaging account. Understanding what each piece of information means helps you make informed decisions about your account security. This guide explains every element displayed on your Connected Devices page.
Overview: What Are Connected Devices? #
A connected device represents an active session where someone (or an application) has successfully logged into your account and is currently authenticated. Each time you log in from a different browser, device, or location, a new session is created. The Connected Devices page shows all these active sessions in one convenient location, giving you complete oversight of who has access to your account.
Device Information Explained #
When you view the Connected Devices page, each device displays several pieces of information. Here’s what each field means and why it matters:
Device Platform #
The platform indicator shows the type of device being used:
- Desktop: Windows, Mac, or Linux computers accessing via web browsers
- iOS: iPhones and iPads using the mobile app or Safari browser
- Android: Android phones and tablets using the mobile app or Chrome browser
Why it matters: Platform information helps you quickly identify devices. For example, if you only use an iPhone and Android phone, but see a “Desktop” entry you don’t recognize, it might indicate unauthorized access from a computer you don’t own.
Device Name #
The device name is automatically detected or provided by the application. For mobile apps, this is usually the device’s name from system settings (e.g., “John’s iPhone” or “Samsung Galaxy S21”). For web browsers, it typically shows the browser name and operating system combination.
Why it matters: Device names help you identify which of your personal devices is active. If you see a device name you don’t recognize, it could indicate someone else has logged in, or you might have changed your device name and forgotten about it.
Operating System (OS) #
This shows the specific operating system version running on the device:
- Windows: Version like “Windows 11” or “Windows 10”
- macOS: Version like “macOS 14 Sonoma” or “macOS 13 Ventura”
- iOS: Version like “iOS 17.2” or “iOS 16.5”
- Android: Version like “Android 14” or “Android 13”
Why it matters: OS information helps verify device identity. If you know your phone runs iOS 17.2 and you see a session showing iOS 16.5, it might be an older device you thought you’d logged out of, or it could be suspicious.
Browser Information #
For web-based sessions, you’ll see the browser name and version:
- Chrome 120, Firefox 121, Safari 17, Edge 119, etc.
Why it matters: Browser details help distinguish between multiple sessions on the same computer. If you use both Chrome and Firefox on your desktop, you’ll see separate entries for each browser, which is normal behavior.
Geographic Location #
The location field shows the geographic area where the device is accessing your account from, typically displayed as:
- City, Region, Country (e.g., “New York, NY, United States”)
- City, Country (e.g., “London, United Kingdom”)
- Country only (e.g., “United States”) when city data isn’t available
- Unknown when location cannot be determined
Why it matters: Location is one of the most important security indicators. If you’re in New York and see an active session from Tokyo, this should immediately raise concern unless you’re traveling or have team members in that location. Location data helps you identify:
- Legitimate sessions from your known locations
- Suspicious access from unexpected locations
- Forgotten sessions from previous travel locations
- Potential unauthorized access attempts
Important Note: Location is determined by IP address, which may not always be perfectly accurate. VPN usage, mobile network switching, and IP geolocation limitations can sometimes show locations that are close to but not exactly your actual location. If you see a location that’s “close but not quite right,” it might still be legitimate.
IP Address #
The IP (Internet Protocol) address is the unique identifier assigned to the device’s internet connection. IP addresses look like: “192.168.1.100” (local) or “203.0.113.45” (public).
Why it matters: IP addresses can help technical users identify the specific network or internet service provider being used. While most users don’t need to track IP addresses, they can be useful for:
- Verifying that multiple sessions from the same location are legitimate
- Identifying if access is coming from your known internet service provider
- Technical troubleshooting with support teams
Login Method #
This indicates how the session was established:
- UI (User Interface): Login through the web portal or web interface
- API: Login through API authentication (automated systems, integrations, or API clients)
Why it matters: Understanding login methods helps you identify different types of access:
- UI logins are typically human users accessing through browsers or mobile apps
- API logins might be:
- Automated systems you’ve set up
- Integrations with other software
- Third-party applications you’ve authorized
- Potentially unauthorized automated access
If you don’t use API access and see API login sessions, you should investigate further.
Login Time #
The login time shows when the session was initially established. This is displayed in your account’s timezone setting.
Why it matters: Login time helps you correlate sessions with your activities:
- Recent logins you recognize from your own actions are likely legitimate
- Very old login times for sessions showing “Active now” might indicate persistent sessions you’ve forgotten about
- Logins at unusual times (e.g., 3 AM when you were sleeping) could indicate unauthorized access
Last Activity #
Last activity shows the most recent time the session was used. This is displayed in two ways:
- “Active now”: The session has been used within the last minute
- Time ago format: “5 minutes ago”, “2 hours ago”, “1 day ago”
Why it matters: Last activity helps you understand which sessions are currently in use versus dormant:
- Sessions showing “Active now” are currently being used
- Sessions with recent activity (minutes or hours) are likely still valid sessions
- Sessions with old activity (days) might be:
- Dormant sessions you forgot to logout from
- Sessions on devices you no longer use
- Potentially abandoned sessions that should be closed
Current Device Indicator #
One device will show a “This device” badge, indicating it’s the device you’re currently using to view the Connected Devices page.
Why it matters: This helps you distinguish your current session from all others. When you logout other devices, your current device is automatically protected and remains active, so you won’t accidentally logout yourself.
Understanding Session States #
Sessions can be in different states, and understanding these helps you manage your account effectively:
Active Sessions #
Active sessions are currently authenticated and can access your account. These sessions appear on your Connected Devices page. Active sessions have:
- Recent login time (within your session timeout period)
- Valid authentication credentials
- Ability to perform account actions
Managing Active Sessions: You can logout active sessions individually or all at once (except your current device) to terminate access immediately.
Inactive or Expired Sessions #
Sessions become inactive when:
- They exceed the timeout period (no activity for a specified duration)
- You manually logout the device
- The device’s authentication token expires
- System security policies terminate the session
Inactive sessions don’t appear on your Connected Devices page because they no longer have access to your account.
Current vs. Other Sessions #
Your current session is the device you’re using right now to manage your account. All other sessions are additional devices or browsers that also have active access. Understanding this distinction is important because:
- You can logout other sessions without affecting your current work
- Your current session is protected from accidental logout
- You maintain control even while terminating access from other devices
Making Sense of Multiple Sessions #
It’s normal to have multiple active sessions. Here are common scenarios:
Multiple Browsers on Same Computer #
If you use Chrome, Firefox, and Edge on the same desktop computer, you’ll see three separate sessions. Each browser maintains its own independent session, which is normal and expected behavior.
Same Device, Different Networks #
If you access your account from your phone while on your home Wi-Fi, then switch to mobile data, you might see two sessions briefly. Sessions typically consolidate, but during network transitions, temporary duplicates can appear.
Desktop and Mobile Simultaneously #
Many users maintain active sessions on both desktop and mobile devices simultaneously. This allows you to work on your computer while also checking status from your phone. This is perfectly normal and expected.
Team Account Access #
If multiple team members access the same account, you’ll see sessions for each person. Device names, locations, and activity times help you identify who is using which device.
When to Be Concerned #
While multiple sessions are normal, certain patterns should prompt investigation:
Unfamiliar Locations #
Sessions from locations you haven’t visited or don’t recognize should be investigated. However, remember that:
- VPN usage can make locations appear different
- Mobile networks can route through different cities
- IP geolocation isn’t always 100% accurate
If you see an unfamiliar location, check the device name, OS, and browser details. If those also don’t match your devices, it’s time to logout that session.
Unexpected Device Types #
If you only use a desktop and iPhone, but see an Android session, investigate. Similarly, if you never use API access but see API login sessions, review your account access.
Activity at Unusual Times #
If you see login or activity times that don’t match your schedule, it could indicate:
- Automatic systems or scheduled tasks (legitimate)
- Team members in different time zones (legitimate)
- Potential unauthorized access (investigate)
Persistent Old Sessions #
Sessions that show login times from weeks or months ago but still show recent activity might indicate:
- Long-running API integrations (if using API access)
- Browsers you forgot to logout from
- Potential security concerns if the device type or location doesn’t match your memory
Best Practices for Reviewing Device Information #
To get the most from your Connected Devices page:
Regular Reviews: Check your Connected Devices page weekly or monthly. Regular reviews help you:
- Catch suspicious activity early
- Clean up forgotten sessions
- Maintain awareness of all account access points
Correlation Check: When reviewing sessions, correlate the information:
- Does the device name match a device you own?
- Does the location match where you’ve been?
- Does the login time match your activities?
- Does the platform match your device types?
Trust Your Instincts: If something feels off, even if you can’t pinpoint exactly why, logout the session. It’s better to logout a legitimate session (which can easily be restored) than to leave a compromised session active.
Document Known Devices: If you manage multiple devices, consider keeping a simple list of your known devices and their characteristics. This makes it easier to spot unfamiliar sessions during reviews.
Understanding Location Accuracy #
IP-based geolocation has limitations you should understand:
City-Level Accuracy: Most IP geolocation provides city-level accuracy, meaning the location might show a nearby city rather than your exact town. This is normal and expected.
Mobile Network Variability: Mobile networks often route through different towers and locations. Your phone might show a location from a nearby city where your carrier has routing infrastructure.
VPN Impact: If you or someone accessing your account uses a VPN, the location will reflect the VPN server’s location, not the actual device location.
Corporate Networks: If accessing from a corporate network, the IP address might resolve to the corporate headquarters location, even if you’re working from a branch office.
International Travel: When traveling, locations might update with a delay, or sessions might show your home location until you establish a new session in the new country.
Understanding these nuances helps you make better decisions about whether a location is suspicious or just a geolocation quirk.
Next Steps #
Now that you understand what each piece of device information means, you can:
- Confidently identify legitimate vs. suspicious sessions
- Make informed decisions about which sessions to logout
- Maintain better awareness of your account security
- Effectively manage multi-device access
For detailed instructions on how to logout devices and manage your sessions, see our guide on “Managing and Securing Your Connected Devices.”