cancel
Showing results for 
Search instead for 
Did you mean: 

Signing Out of all Devices

valisle
On our wavelength

Hi

I have changed my password. Is it possible to sign out of all devices at once?

18 REPLIES 18

HowardML
Superuser Emeritus
Superuser Emeritus

I get the point. The password change and quit all sessions option should be sufficient to protect you. There really isn't much else you can do. What VM have a tendency to do is to lock accounts until a password change is made. They didn't do that to you (lucky as it happens). 



I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

valisle
On our wavelength

Thank you for your reply.

I stayed logged in to the email on two different devices.  When I changed the password and opted to log out of all sessions, it didnt close the other device.

 

HowardML
Superuser Emeritus
Superuser Emeritus
As I've said we've wondered for a long time what that option does. I presume you closed the other device yourself.


I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

valisle
On our wavelength

Yes I did.  But that doesnt ensure that anyone that I am not aware of his locked out.

HowardML
Superuser Emeritus
Superuser Emeritus
I'll grant you that - no it doesn't. But what tends to happen with spammers is that shoot and then run, with no repeats. And a password change will prevent further misbehaviour.

Tbh there probably isn't a definitive answer to your question. You've done your best.


I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

valisle
On our wavelength

Thank you

用心棒
Very Insightful Person
Very Insightful Person

AFAICS the Quit other sessions option (now) terminates other webmail sessions; be aware this still does not achieve what you wanted IMHO.

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

  Use Kudos to say thanks

  Mark as Helpful Answer if I've helped

HowardML
Superuser Emeritus
Superuser Emeritus
I don't want to prolong this discussion unnecessarily, but for the sake of future visitors to this thread we should close the story. So I'll do this without giving too much comfort to any spammers reading this, though I suspect they know this already. @valisle cannot achieve precisely what he wants within the currently accepted international standards for the operation of e-mail systems. Changing passwords will stop future abuse but (as I suspected) cannot be guaranteed to stop abuse while a current session of mail is open.


I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

ravenstar68
Very Insightful Person
Very Insightful Person

The best way to understand what's happening here is this.

VM currently have two authentication systems running side by side.

  1. A single sign on system using a mechanism called Oauth2 - used when accessing webmail My VirginMedia and other VM services.
  2. Plain text logins (what Google euphemistically calls less secure) - which is used for POP3/IMAP/SMTP

Oauth2 sessions will authenticate once and so long as the user has not been logged out, when the user opens up the same device then the Oauth2 system uses the existing authentication information so that the user does not have to manually log in every time.  What the Sign out of other devices command does is exactly that.  It revokes all other Oauth2 sessions, except session the user issues the command from.

Plain text logins normally happen each time the user connects.  But the Oauth2 system cannot revoke these sessions.

Thus currently all it does is close any logged in webmail sessions in other browsers/devices.

I have confirmed this with Windows PC, Linux PC and Android Tablet.  Shortly after selecting close other sessions on one device - the other two devices automatically logged out.

One would hope that VM would extend Oauth2 logins to POP3/IMAP/SMTP in the near future, however we shall have to wait and see.  VM would have to consider any possible complications it would cause.

Tim

Edit - the last paragraph is my own personal opinion.  I am not a VM employee.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks