---
title: "Security update: Device verification for sign-ins"
description: "We now verify the authenticity of sign-ins from new or unrecognized devices. Because this is a new change, you may be asked to verify a device even if it has accessed Cloudsmith before. By confirming both your login credentials and the device, we help prevent unauthorized access with minimal disruption to your workflow."
canonical_url: "https://cloudsmith.com/changelog/security-update-device-verification-for-sign-ins"
last_updated: "2025-04-10T08:10:00.000Z"
---
# Security update: Device verification for sign-ins

We now verify the authenticity of sign-ins from new or unrecognized devices. Because this is a new change, you may be asked to verify a device even if it has accessed Cloudsmith before. By confirming both your login credentials and the device, we help prevent unauthorized access with minimal disruption to your workflow.

#### How It Works

- **First-Time Verification: **When you log in from a new or unrecognized device, you’ll receive an email with a secure link.
- **One-Click Authorization: **Clicking that link approves the device for your Cloudsmith account.
- **Extended Access: **Once verified, the device remains authorized for 12 months.
- **Multi-Account Usage: **Each Cloudsmith account on the same device must be verified separately.
- **Manual Revocation: **You can revoke sessions anytime by visiting [Sessions and History]() and choosing Logout Other Sessions.

#### For Existing Sessions

- No immediate action is required right now.
- This requirement starts at your next login.
- Current sessions remain valid until they end or you sign out.

If you haven't already, consider enabling multi-factor authentication for an added layer of security. Questions? Please [contact us](/company/contact-us).
