Trusted devices & active sessions
Villva ERP lets you stay signed in across your devices through the working day, and gives you full control over those sessions. This is how you protect your account if a device is lost or shared.
Active sessions
Section titled “Active sessions”Your active sessions list (in Account & security) shows every device currently signed in to your account, each row with:
- Device and browser
- IP address
- Last-active time
- A “this device” marker for the one you’re using now
From here you can:
- Sign out any other session individually.
- Sign out everywhere else with one action, clearing every session except the one you’re on.
- Your current session is marked and can’t be signed out from this page, sign out normally for that.
Signing out a session takes effect immediately: that device is dropped on its next action and has to sign in again. Sign-out actions are recorded.
Staying signed in
Section titled “Staying signed in”You stay signed in across devices without being asked to re-enter your password constantly, and there’s no idle timeout: but you can end any session whenever you like using the list above. Signing out on one device doesn’t affect the others unless you choose “sign out everywhere”.
Trusted devices (skip 2FA on a familiar device)
Section titled “Trusted devices (skip 2FA on a familiar device)”If your organisation uses two-factor authentication, you can mark a device you trust so you don’t have to enter a code every time on it.
- On the 2FA step, tick “trust this device”.
- That device then skips the 6-digit code for a set number of days, but still asks for your password.
- Your organisation sets the maximum trust period (default 30 days, up to 90). Trust expires automatically.
- You can revoke a trusted device any time from your sessions list.
- Changing or resetting your password revokes every trusted device, so they’ll all ask for a code again.
If a device is lost or stolen
Section titled “If a device is lost or stolen”Sign out that session (or “sign out everywhere else”) straight away, and consider changing your password, which also signs out all other devices and clears trusted devices.
For admins: force sign-out
Section titled “For admins: force sign-out”If an account may be compromised, a Tenant Admin can force a user off every device in one action; Villva can do this across organisations. The user is signed out on their next action and receives an email notice, and the action is recorded with an optional reason. An admin can’t force-sign-out themselves, and a Tenant Admin can’t force-sign-out a Villva staff member. A few sessions already in flight may take up to 15 minutes to drop. See Users & roles.