Learn how to manage your login sessions, control how long you stay logged in, and maintain account security across devices.
What Are Sessions?
A session is the period of time you're logged into Toolfy. When you log in, a secure session is created that allows you to use the application without entering your password repeatedly.
How Sessions Work
- Login creates session: Entering correct credentials starts a session
- Session token: Secure token stored in your browser
- Automatic validation: Token checked with each page load
- Session expiry: Sessions end after period of inactivity
Stay Logged In Options
"Remember Me" Checkbox
When logging in, you can check "Remember me" to:
- Extended sessions: Stay logged in for 30 days instead of 8 hours
- Automatic login: Skip login on return visits
- Device-specific: Only affects the device you're using
- Secure storage: Uses secure browser storage
Session Duration
- Default session: 8 hours of inactivity
- "Remember me" session: 30 days
- Active sessions: Extended while you're using Toolfy
- Security override: Forced logout for suspicious activity
Multiple Device Access
Concurrent Sessions
You can be logged in on multiple devices simultaneously:
- Office computer: Desktop browser session
- Mobile device: Phone or tablet session
- Home computer: Personal device session
- No limit: Use as many devices as needed
Session Synchronization
- Real-time updates: Changes sync across all devices
- Automatic refresh: Data updates without page reload
- Conflict resolution: Latest changes take priority
- Offline handling: Changes sync when reconnected
Viewing Active Sessions
Session Manager
Check all your active sessions at Settings → Account → Active Sessions
Session Information
For each active session, you can see:
- Device type: Computer, phone, tablet
- Browser: Chrome, Safari, Firefox, etc.
- Location: Approximate geographic location
- IP address: Network identifier
- Last activity: When session was last used
- Login time: When session was created
Managing Sessions
Ending Individual Sessions
- Go to Settings → Account → Active Sessions
- Find the session you want to end
- Click "End Session" next to that device
- Session immediately terminated
- User must log in again on that device
End All Other Sessions
To log out of all devices except your current one:
- Go to Settings → Account → Active Sessions
- Click "End All Other Sessions"
- Confirm you want to log out all other devices
- All sessions except current one terminated
- You remain logged in on current device
Security Best Practices
When to End Sessions
- Lost device: Phone or laptop lost or stolen
- Shared computer: Used public or shared computer
- Suspicious activity: Unrecognized login locations
- Team member departure: Employee leaving company
- Security breach: Compromised password or account
Regular Security Review
- Weekly check: Review active sessions weekly
- Recognize devices: Verify all sessions are yours
- Check locations: Ensure geographic locations make sense
- End old sessions: Terminate unused or forgotten sessions
Automatic Logout Scenarios
Security-Triggered Logout
Toolfy may automatically log you out for:
- Suspicious activity: Login from new location or device
- Multiple failed attempts: Repeated wrong passwords
- Password change: When you update your password
- Account security changes: Enabling 2FA or security updates
Technical Logout
- Browser closure: Some browsers end sessions when closed
- Cache clearing: Clearing browser data logs you out
- Cookie deletion: Removing cookies ends session
- Incognito mode: Private browsing doesn't save sessions
Team Session Management
Team Member Sessions
Business owners can manage team member sessions:
- View team sessions: See where team members are logged in
- Force logout: End team member sessions if needed
- Security monitoring: Watch for unusual login patterns
- Access control: Manage who can access the account
Team Security Policies
- Session limits: Maximum number of concurrent sessions
- Location restrictions: Limit logins to specific locations
- Time restrictions: Business hours only access
- Device approval: Require approval for new devices
Mobile App Sessions
Mobile Session Behavior
- App installation: Sessions persist through app updates
- Background refresh: Sessions stay active when app backgrounded
- Push notifications: Require active session
- Biometric login: Fingerprint/face unlock for convenience
Mobile Security
- Device lock: Require phone passcode/biometric
- App logout: Log out when not in use
- Lost phone: End mobile sessions remotely
- Automatic timeout: Mobile sessions timeout faster
Troubleshooting Sessions
Frequent Logouts
If you're being logged out frequently:
- Check "Remember me": Ensure box is checked at login
- Browser settings: Allow cookies from toolfy.io
- Incognito mode: Don't use private browsing for work
- Browser updates: Keep browser current
- Extensions: Disable ad blockers that might interfere
Cannot Log In
- Clear browser cache: Remove stored data and try again
- Different browser: Try Chrome, Firefox, or Safari
- Disable extensions: Turn off browser plugins temporarily
- Check network: Ensure stable internet connection
- Firewall settings: Make sure Toolfy isn't blocked
Unrecognized Sessions
If you see sessions you don't recognize:
- Don't panic: Could be different network/location
- Check details: Look at device type and browser
- Consider recent travel: Different city/network
- End suspicious sessions: Terminate anything you don't recognize
- Change password: Update password immediately
- Enable 2FA: Add two-factor authentication
Session Settings
Customizing Session Behavior
Control session preferences at Settings → Account → Session Preferences
Available Settings
- Default session length: How long to stay logged in
- Inactivity timeout: Auto-logout after period of inactivity
- Remember me default: Check "remember me" by default
- Security notifications: Email alerts for new device logins
Additional Security
Login Notifications
- Email alerts: Get notified of new device logins
- Location alerts: Notice logins from new locations
- Session tracking: Monitor active sessions
Compliance and Auditing
Session Logging
- Login records: Track all successful logins
- Logout tracking: Record all session endings
- Failed attempts: Log unsuccessful login tries
- Audit trail: Complete history for compliance
Data Retention
- Session logs: Kept for 90 days
- Security events: Retained for 1 year
- Compliance exports: Available for audits
- Privacy compliance: GDPR-compliant logging
💡 Pro Tip: Use "Remember me" on your primary work devices but not on shared or public computers. This balances convenience with security.