Skip to content

Security

Settings → Security holds the two things that decide who can get into your account: how you sign in, and which devices are currently signed in.

Linked accounts

Choose how you sign in. Three methods can sit on one account:

MethodCan be removed
EmailNo. It is the always-available fallback.
GoogleYes
GitHubYes

Email OTP is permanent by design. Because it can't be removed, you can never lock yourself out by unlinking the others. Trying to remove it fails with "Email is the always-available fallback and cannot be removed."

  • Link. Click Connect on Google or GitHub and authorize. The provider's verified email must match your account email.
  • Unlink. Click Disconnect on a linked provider. Each linked row shows the date you linked it.

Linking doesn't create a second account. The account is one record keyed by email, so any method resolving to the same verified address lands on the same account. See Profile for how sign-in methods relate to your email.

Active sessions

Every device currently signed in to your account, one row each:

ColumnMeaning
Browser (Device)Which browser and platform, for example "Chrome (Mac OS)".
LocationApproximate place the session signed in from.
Last seenWhen that session was last active.
Active sessionMarks the one you're using now as Current session.

Click the sign-out icon on any row to end that session. It signs that device out immediately, and the row disappears.

Signed in somewhere you don't recognize?

End the session, then unlink any OAuth provider you didn't add yourself. Sessions are ended individually, so revoke each unfamiliar row.


Ready to take control of your web analytics? Try Statable free for 30 days — no credit card required, full feature access, GDPR-compliant by default. Start your free trial or view a live demo.