User Activity, lots of users for same account, is that right?

Question asked by YS Tech - 2/23/2022 at 8:44 AM

Unanswered

I'm currently looking at the User Activity area and its showing 70-80 users for around 25 accounts, most of the duplicates are via webmail.

Should I be worried or is this normal?

I'm a bit concerned that there are multiple people logged into the accounts that shouldn't be.

I'm not quite sure what the IPs listed relate to because I'm logged into webmail and it doesn't show my IP address in the list. Is the IP the IP of the webmail address?

Thanks

4 Replies

Reply to Thread

Kyle Kerst Replied

2/23/2022 at 10:42 AM

Employee Post

My theory is these are likely leftover sessions that haven't timed out. You can check who is actually logging in to those accounts by checking the IPs listed in the Administrative logging for those user accounts though, and if you see any that don't match your customer's public IP address you can then blacklist as needed. On your own login, is it possible it is showing something like ::1 or 127.0.0.1 for your session? These would imply loopback and indicate you're logging on directly to the server. I hope this helps :)

Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com