Viewing Binance login devices takes just 3 steps: Open the Binance official APP, click "Account" in the bottom right corner, go to "Security - Device Management", and you will see a list of all currently logged-in devices, showing the model, login IP, location, and last active time for each. You can also view this by logging into the Binance official website and navigating to "Security - Device Management". Binance records all devices logged in within the last 30 days, including those currently online and offline. There is a "Delete" (log out) button next to each device. If you spot an unrecognized device, click it to log it out immediately. It is also recommended to change your password, reset your 2FA, and check your API Keys. According to Binance's 2024 data, 68% of abnormal account events come from unrecognized devices remaining logged in without being noticed. Regularly checking your device list is one of the simplest and most effective self-protection measures. If you can't find the "Device Management" entry in your APP, your version might be too old; refer to the iOS installation guide to update to the latest version. This article explains the complete process of viewing, identifying, logging out, locking devices, and setting up alerts.
What Can You See on the Device Management Page?
After entering "Device Management", the page is divided into two sections: "Authorized Devices" and "Login History".
Authorized Devices displays all devices currently logged in. Each record includes: device model (e.g., iPhone 15 Pro, Windows 10 Chrome, MacBook Safari), login IP address, IP location (accurate to province/city), last active time (e.g., "2 mins ago", "3 hours ago", "2 days ago"), and a unique device identifier (the last 6 digits of a desensitized device ID).
Login History shows all login attempts within the last 30 days, both successful and failed. Here you can see: login time, login IP, login method (Password/2FA/QR code), login result (Success/Failed/Blocked by risk control), and the API Key name used (if logged in via API).
Since the late 2023 update, the device management page also added a "Risk Score" display. Each device will be marked in green for "Frequently Used", yellow for "Occasionally Used", and red for "First Appearance". Pay close attention to red devices; if it wasn't you, log it out immediately.
How to Determine If a Device is Unrecognized
Identifying an unrecognized device requires a comprehensive judgment across 5 dimensions.
Dimension 1: Device Model. You know best how many devices you have. If "Samsung Galaxy S21" appears but you've never used a Samsung phone, it's almost certainly an unrecognized device.
Dimension 2: IP Address and Location. Normally, your IP should be in the area where you live or work. If you are in Shanghai, but there is a login from Beijing, Guangzhou, or even Russia or Vietnam, be vigilant. Exceptions: When using mobile data, the IP may show the carrier's base station location; when using a VPN, the IP will be in another country; logging in from a different place while traveling is also normal.
Dimension 3: Login Time. If there is a login record at 3 AM but you were sleeping, this is a typical abnormal signal. Check the exact minute in the login history.
Dimension 4: Login Method. Do you mostly use the APP or the web? If you only use the APP and suddenly "Windows Chrome" appears, be alert.
Dimension 5: Associated Actions. The operation trace after a login is usually displayed next to the record. If an API Key was created, a withdrawal whitelist added, or an email changed immediately after logging in, this is typical account theft behavior.
Based on the above 5 points, if there are 2 or more anomalies, treat it as an "Account Compromised" scenario.
Emergency Procedure Upon Discovering an Unrecognized Device
Take action immediately in the APP, following this sequence.
Step 1: Log out the unrecognized device immediately. Click the "Delete" or "Log Out" button next to the device. It will lose login status instantly. Note: Logging it out does not notify the other party, avoiding alerting them.
Step 2: Log out all other devices with one click. To be safe, click "Log out of all other devices" at the bottom of the page, keeping only the device you are currently using. This cleans up any other unrecognized devices you might have missed.
Step 3: Change your login password. Go to "Security - Change Password" and set a completely new password, at least 12 characters long, including uppercase and lowercase letters, numbers, and symbols. Do not reuse passwords from other sites.
Step 4: Reset Google Authenticator (2FA). Even if the unrecognized device didn't get your 2FA, reset it for safety. Go to "Security - Two-Factor Authentication - Google Authenticator" and click "Change". Once reset, the old 2FA becomes invalid immediately.
Step 5: Check API Keys. Go to "API Management" and delete all API Keys you don't recognize. Hackers often create API Keys as "backdoors"; even if you change your password, they can still trade and withdraw as long as the API Key remains.
Step 6: Check withdrawal whitelists and address books. See if any unfamiliar withdrawal addresses were added to the whitelist. Attackers add their addresses and wait out the cooldown period to transfer assets in bulk.
Step 7: Check all operations in the past 24 hours. Review trade history, withdrawal history, deposit history, fiat orders, and P2P orders to confirm there were no unauthorized actions. Contact customer support immediately to freeze your account if you spot anything wrong.
Step 8: Contact Binance Support. Find the support entry in the APP, submit an "Account suspected compromised" ticket, upload screenshots, and let Binance investigate.
It's recommended to complete this entire process within 10 minutes. The longer it takes, the higher the risk of asset loss.
Enabling the Device Lock Feature
Binance offers an enhanced "Device Management" (Device Lock) feature. Once enabled, only authorized devices can log in. Unauthorized devices will be blocked even if they enter the correct password and 2FA.
How to enable: There is an "Enable Device Lock" switch at the top of the "Device Management" page. Turn it on and set your current device as a "Trusted Device". After that, when a new device logs in, it triggers a triple-check: Email Verification + 2FA + possible Face Verification. Only passing all checks grants access, after which the device becomes a trusted device.
Device lock is extremely effective against phishing attacks. Even if you enter your password and 2FA on a phishing site, the attackers won't be able to log in to the real Binance because their device isn't on your trusted list.
The downside is an extra authorization step when getting a new phone or PC, but for security, it's worth the hassle.
Configuring Login Alerts
Login Alerts send you an email notification every time a new device logs in, so you instantly know about anomalies even without actively checking the device list.
How to configure: Turn on "New Device Login Alert" in "Security - Notification Settings". You can choose from three channels: Email (recommended), SMS (sometimes delayed), and APP Push (instant but requires the APP to be online). It's recommended to turn them all on, especially Email alerts.
The alert email format is as follows:
- Login Time: 2026-03-31 14:23:45 UTC+8
- Device: Windows 10 Chrome 120.0
- IP: 223.104.xx.xx
- Location: Beijing, China
- Was this you? Click the link to confirm or deny.
If you click "Not Me", the system instantly forces the device offline, locks your account, and requires you to re-verify via email and 2FA before you can continue using it. This mechanism stops most account thefts within a minute.
Device Management Best Practices
| Habit | Frequency | Purpose |
|---|---|---|
| Check device list | Weekly | Spot abnormal logins |
| Clear devices unused for 6 months | Monthly | Reduce attack surface |
| Log out all devices after changing password | Every password change | Ensure old sessions are invalid |
| Enable login alerts | Permanent | Instantly perceive anomalies |
| Enable device lock | Permanent | Block unknown devices |
| Clear temporary devices after trips | After every trip | Keep the list clean |
Scenario 1: After logging in on a friend's phone. If you temporarily borrowed a friend's phone to log in to Binance, be sure to actively go to the device management page and log that device out when you get home, and consider changing your password (as their phone might have screenshot records).
Scenario 2: Before disposing of an old phone. Before selling or giving away an old phone, besides a factory reset, log into Binance on your new phone and remove the old phone from the device list. Even if the old phone is wiped, the logged-in session might still exist.
Scenario 3: After clearing browser cookies. Clearing browser cookies does not equal logging out. The "forgotten device" remains logged in on Binance's side until it naturally times out (usually 30 days). It's advised to manually log out before clearing cookies, or log in once after clearing and then log out of other devices.
FAQs
Q: Device management shows I logged in from Russia, but I'm in China. What's going on? A: It's highly likely a misjudgment by the IP geolocation database (especially with mobile networks, VPS, or CDN nodes). You can check the detailed IP address of this login in the login history, then verify it on an IP lookup site. If it really is a Russian IP, follow the account compromised procedure immediately.
Q: What is the "Unknown" device in the list? A: Typically, it's an API Key call record (APIs don't carry User-Agent info), an outdated APP (too old to report device model), or a jailbroken/rooted device. If you don't use API Keys and use a normal APP, "Unknown" warrants vigilance.
Q: Will the other party be notified when I log them out? A: No. But the next time they try to perform an action, they will find they need to log in again, at which point they'll know they were kicked out. It's recommended to change your password at the same time so they can't log back in.
Q: How long is the history kept? A: Login history is kept for 30 days and then automatically deleted. If you need longer-term auditing, taking monthly screenshots is recommended.
Regularly checking device management is one of the lowest-cost account security measures, taking just 2 minutes to prevent massive losses. We recommend you check your device list right now.