If you’ve ever noticed an unfamiliar sign-in on one of your accounts, you know that sinking feeling. Hackers and unauthorized users don’t always change your password or make obvious moves — sometimes they simply stay quietly logged in, watching or waiting. The good news is that Google, Microsoft, and Apple all let you see every active session on your account and sign out any device you don’t recognize, often in under two minutes.
You don’t need special software to do this. A few clicks on each platform’s security page gives you a clear list of every device, browser, and location with an open session. Even if nothing looks wrong, running this check once a month is a smart habit — catching a stale session from an old phone you sold is just as important as catching an intruder.
Quick Answer
Go to myaccount.google.com/security, scroll to “Your devices,” and click “Manage all devices” to review and remove Google sessions. For Microsoft, visit account.microsoft.com/security and check “Sign-in activity.” For Apple, open Settings → [Your Name] on iPhone or visit appleid.apple.com to see and remove connected devices.
How to Check Active Logins on Google
Step 1: Open the Security Page
Go to myaccount.google.com/security. Sign in if prompted, then scroll down to the “Your devices” section.
Step 2: Review Active Sessions
Click “Manage all devices.” You’ll see every phone, tablet, and browser that has accessed your Google account recently, along with approximate location and last-activity time. A session from a city you’ve never visited — or a device you no longer own — is a red flag.
Step 3: Sign Out the Device
Click the suspicious device, then click “Sign out.” Google signs that device out of all Google services immediately. The person on that device would need your password to get back in — which is exactly why you should change your password right after.
Pro Tip: After signing out an unknown device, change your Google password immediately and enable two-factor authentication if you haven’t already. This locks the door before a removed user can try to regain access.
How to Check Active Logins on Microsoft
Step 1: Open Sign-In Activity
Go to account.microsoft.com/security and sign in. Click “View my activity” under the Sign-in activity section.
Step 2: Read the Activity Log
Microsoft shows every sign-in by date, device, browser, IP address, and approximate location. Look for logins from countries or cities you don’t recognize, or unusual timestamps like 3 a.m. when you were asleep.
Step 3: Respond to Suspicious Logins
Each entry has a “This wasn’t me” button that launches a guided security review and password reset — which forces all active sessions to sign out. If you spot a currently active session you don’t recognize, change your password immediately to cut off access.
Troubleshooting Tip: If you see repeated logins from an unfamiliar IP address, your credentials may have appeared in a data breach. Check your email at Have I Been Pwned (free, no sign-up required), and read this breach-check guide for next steps.
How to Check Active Sessions on Apple
Step 1: Find Your Devices
On iPhone or iPad: Go to Settings → [Your Name] and scroll down to the device list.
On Mac: Open System Settings → [Your Name] and scroll down.
On the web: Sign in at appleid.apple.com and click “Devices” in the sidebar.
Step 2: Review Each Device
Tap or click any device to see its model, operating system version, and serial number. A device you sold, gifted, or lost should not still appear here.
Step 3: Remove the Device
Tap “Remove from Account” and confirm. The device instantly loses access to iCloud, Apple Pay, and your iCloud data. Apple also sends a security notification email to your registered address.
Platform Comparison
| Platform | Where to Check | Per-Device Session View? | Remote Sign-Out? |
|---|---|---|---|
| myaccount.google.com/security | Yes | Yes, instantly | |
| Microsoft | account.microsoft.com/security | Sign-in log only | Via password reset |
| Apple | appleid.apple.com / Settings | Yes | Yes, instantly |
Common Mistakes to Avoid
- Checking only one account. Most people secure Google but forget their Microsoft and Apple accounts — attackers know this. Review all three in the same sitting.
- Removing a session but not changing your password. Signing out kills the active session, but an intruder who still has your password can sign back in within minutes. Always change the password immediately after removing an unknown device.
- Dismissing unfamiliar-looking but nearby locations. VPNs and mobile data towers can make your own logins appear to come from a different city. Compare the timestamp to your own activity before assuming it’s harmless — but investigate anything you can’t explain.
- Leaving old devices on your account. A phone you sold two years ago and never properly signed out is still a live session. Remove every device you no longer own.
- Skipping two-factor authentication after the cleanup. Removing an intruder without enabling 2FA is like changing the lock but leaving a spare key outside. Pair this check with a strong password manager and 2FA for lasting protection.
Frequently Asked Questions
Does removing a device delete my files?
No. Signing a device out removes its access to your account, but your photos, documents, and emails stored in Google Drive, OneDrive, or iCloud remain untouched on the server.
Will the person on the removed device know they were signed out?
They’ll simply find themselves logged out the next time they open a linked app or try to access your account. No direct notification is sent to them.
How often should I check my active sessions?
Once a month is a solid routine. Check immediately after using a public computer, sharing a device, or receiving a suspicious login-attempt email.
What if I can’t sign in because my password was already changed by someone else?
Use the “Forgot password” account-recovery flow on each platform. Google and Apple both support recovery via a trusted phone number or backup email address, even after an unauthorized password change.
Is it safe to run this check on a public computer?
Yes, but sign out completely when you’re done and clear the browser’s saved passwords before walking away. Better still, use your own phone to run the check if one is handy.
Conclusion
Spending five minutes on each platform’s security page can close access you didn’t know was open. Run the check on Google, Microsoft, and Apple today, remove anything unfamiliar, and change your password any time you find something suspicious. Pair this monthly habit with strong unique passwords and two-factor authentication — together they make unauthorized account access far harder to pull off.