2020-06-08 14:08:27 -04:00
---
stage: Manage
2022-01-26 22:14:06 -05:00
group: Authentication and Authorization
2020-11-26 01:09:20 -05:00
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2020-06-08 14:08:27 -04:00
---
2021-11-24 22:13:04 -05:00
# Email notification for unknown sign-ins **(FREE)**
2020-05-12 23:08:26 -04:00
2020-06-01 14:08:07 -04:00
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27211) in GitLab 13.0.
2020-12-04 16:09:29 -05:00
NOTE:
2020-06-22 11:09:27 -04:00
This feature is enabled by default for self-managed instances. Administrators may disable this feature
through the [Sign-in restrictions ](../admin_area/settings/sign_in_restrictions.md#email-notification-for-unknown-sign-ins ) section of the UI.
The feature is always enabled on GitLab.com.
2020-06-18 14:08:58 -04:00
When a user successfully signs in from a previously unknown IP address or device,
2020-05-12 23:08:26 -04:00
GitLab notifies the user by email. In this way, GitLab proactively alerts users of potentially
malicious or unauthorized sign-ins.
2020-06-18 14:08:58 -04:00
There are several methods used to identify a known sign-in. All methods must fail
for a notification email to be sent.
2020-05-12 23:08:26 -04:00
- Last sign-in IP: The current sign-in IP address is checked against the last sign-in
IP address.
- Current active sessions: If the user has an existing active session from the
same IP address. See [Active Sessions ](active_sessions.md ).
2020-06-18 14:08:58 -04:00
- Cookie: After successful sign in, an encrypted cookie is stored in the browser.
This cookie is set to expire 14 days after the last successful sign in.
2020-05-12 23:08:26 -04:00
## Example email
2021-05-26 17:10:49 -04:00
![Unknown sign in email ](img/unknown_sign_in_email_v14_0.png )