View your active sessions
Open the account menu (your avatar, top right), choose Profile, then open the Security tab. The Active sessions card lists every device currently signed in to your account. Each row shows:- The device or browser (user agent), or Unknown device if it wasn’t reported.
- The IP address it signed in from, or No IP if it wasn’t reported.
- When the session was created.
- A Current session marker on the one you’re using right now.
Revoke a session
Use Revoke on any row that isn’t your current session to sign that device out immediately — do this for a shared computer, a lost laptop, or an entry you don’t recognize. To sign out every other device at once, use Sign out everywhere else at the top of the card. Your current session stays active. You can’t revoke your current session from this card. To end it, use Sign out from the account menu.Change your password
On the same Security tab, the Change password card asks for your current password and a new one (at least 8 characters). Saving a new password automatically signs out all your other sessions, so anyone using a stale copy of your account is dropped.Switch active organization
If you belong to more than one organization, open the account menu and pick a different one under Organization (the current one has a checkmark). The page reloads its data in the new organization’s scope; your session stays the same, only its scope changes. Open tabs show the new organization’s data on their next refresh.Sign out
Choose Sign out from the account menu. This ends your current session on this device only. Your other devices stay signed in until they’re revoked or expire on their own.If you forgot your password
When your deployment has email configured, the sign-in page shows a Forgot password? link. Choose it, enter your email, and follow the Send reset link flow. The link takes you to a page where you set a new password. If the link isn’t shown, email recovery isn’t available for your deployment — contact your Novacula platform administrator, who can set a password for you directly. If you’re already signed in and just want to rotate your password, use Change password on the Security tab of your Profile instead — no email needed, and it signs out your other sessions in the process.Security checklist
- Revoke any session you don’t recognize, then change your password.
- Never paste a session cookie or token into a chat, ticket, or screenshot.
- Use API keys for scripts and integrations, not your personal session.