Instagram login activity
While you were browsing social media, you received a strange e-mail informing you about a series of suspicious activities regarding access to your Instagram account. So you disconnected from the service and, with concern, you immediately thought of a hacker attack, having the feeling that someone was trying to access your profile secretly to spy on your IG. First of all, keep calm: I’ll tell you right away that Instagram has advanced tracking tools that, sometimes, could generate “false positives”; in any case, you were right to “take the matter head on”. For safety, it is always best to check every time you receive an email with suspicious login attempts, especially if you are not setting up a new device.
In order to help you, therefore, in the paragraphs that below I will explain how they work and how to control Instagram login activities . Also, I’ll help you increase the security of your account by adding extra control. I state in any case that it is always better to pay close attention to the security e-mails you receive, because often hackers also use them to carry out phishing attacks, “playing” on the user’s fears in an attempt to capture the real credentials .
What are Instagram login activities
The Instagram login activities are information that are generated by the complex account monitoring systems of the social network, usually aimed at making the user aware that someone has performed or is trying to log in to his profile.
Usually, this notification is sent when login is successful on unknown, new, apps, browsers or devices that have do not have of a login-related Instagram cookie, known as
This way, anyone who leaks your credentials will ‘access to Instagram and try to use them on his phone, tablet or PC, with an identical or different internet line, he would not have long before being discovered; consequently, you could immediately activate to change the password and protect access again, perhaps by reporting the incident to Instagram.
This also happens to protect yourself from the possible theft of the Instagram account, which could occur in the event that an attacker manages to access the profile and change the e-mail it is associated with, as well as the secret word used for authentication.
It should be noted, however, that these notifications are different from the suspicious e-mails that are automatically generated during password recovery attempts (by you or by strangers). Furthermore, it is a verification system distinct from the one that generates the shadowban of the Instagram profile.
Login information tracked by Instagram
Instagram can recognize suspicious logins based on several parameters , including:
session -IDand other session cookies on
instagram.comor on the app for iOS and Android;
- user agent with which you connect to the social network;
- Browser or app version;
- Operating system of the device used (e.g. Android, iOS, Windows 10, macOS or Linux);
- IP address public connection (of the Wi-Fi, LAN, 3G, 4G or 5G network, or even of the hotspot, to which you are connected);
- GPS position (identified by the GPS hardware integrated in the device or by the internet, the latter detection is more inaccurate);
- Mobile number and / or e-mail associated with the account (to see if the SIM is installed in the phone).
These and other data are collected when logging into the social network. So, if you absurdly delete the
session-ID or reinstall the application, you may receive an email about Instagram login activities .
If one or more data on your identity do not match , or if you are wrong several times to authenticate you, the social network system, for reasons of security, would block access to the account and generate the warning e-mail , since it would not know if, indeed, you were “on the other side” .
How Instagram access tracking works
In order for the above parameters to be tracked, Instagram has developed a authentication form to access the app or website. In fact, it is not possible to use Instagram without being registered, at least actively (e.g. by posting a photo).
In the login form, in addition to the text entry fields , that allow you to enter your username and password, there are “invisible” tracking codes (except by checking the source of the web page or the application code) that precisely detect this information.
The data is then stored in the local application database (on smartphones and tablets) or in the browser (if you are using a PC). This is the only information that is not saved in the Instagram cloud , obviously for privacy and security reasons.
In this way, Instagram guarantees the user, almost constantly, the ability to log in without authenticating multiple times and, if two-factor authentication is active (which I will talk about in the following paragraphs), without repeating the generation and consequent typing of the temporary code.
How to see the accesses to the Instagram profile
You don’t trust the e-mails you received on the new access to the Instagram profile? You do well, but it is always better to check in another way , rather to “shrug” and not care.
In this regard, you could verify the accesses to the Instagram profile using the application or the web client of the photographic social network. In this way, you would be able to monitor the actual links, which were successful and validated in short, or if the e-mail received was of misleading origin.
So, if you always had the ability to access your account , I suggest you continue by carrying out this check. Just put into practice the procedure described below, referring to the device you are using.
To check the if you log into Instagram with an iOS device, be it an iPhone or a iPad , all you have to do is use the application of the social network.
Proceed by opening Instagram , then tap the little man icon (bottom right). Then, select the three horizontal lines (top right) and follow the path
Settings> Security> Login activity .
In that section, you will be shown the Instagram login activities . Check if there are accesses to devices that are not allowed or whose geographical position you do not recognize. If anything makes you suspicious, don’t hesitate to disconnect the session: you can do it remotely, always from the app, therefore, by touching the icon with three dots located near the session, and then choose the item Exit .
On Android devices, smartphones or tablets, you can control login activities Instagram as I just explained to you for iOS, then using the social network application.
In this case, open the application , go to your profile , then tap the three horizontal lines . Now, choose Settings , tap Security and immediately after Login activity .
The links to the gone account will appear successful, which correspond to remote active sessions (on other devices, other apps related to Instagram or browser). Just read and interpret this information, and then decide if it is appropriate to disconnect a device: you can do this by choosing the three dots next to the session and tapping the option Exit .
If you have configured Instagram on the browser of your computer or your Mac, you can check the last logins from there too. First of all, connect to the social network, in order to view the feed.
At this point, click on the image of your profile (top right), so as to view the post gallery. Now, click on the gear icon to view the settings, then choose the Login activity option.
From the “ Where you are logged in ”, you will be able to check the links to your profile , even the older ones. You will also be notified of the access times, as well as shown the writing Active now in case of active sessions in real time. In case, to disconnect a session, click on the arrow pointing down (located on the same line) in order to expand the menu, then select the option Exit .
In the same screen, you may see the section “ Was it you? “, in which Instagram highlights, with lots of of a geographical map, the suspicious connection places , which he deemed unusual and therefore appropriate to report to you.
In case you were sure that it was you choose It was me ; otherwise, if you don’t recognize access , click on It wasn’t me . By doing this, Instagram’s artificial intelligence will memorize your preferences and will try not to warn you “unnecessarily” if you connect from similar places and / or locations.
Instagram login activity of multiple accounts
If you have more than one Instagram account and you want to keep them all under control, you will have to repeat the procedure I showed you just a little while ago for everyone.
At the time of writing, Instagram does not allow to control multiple access activities of profiles that are managed by the same app. You will then need to change your Instagram account and repeat the steps above.
Instagram login activity of another profile
If you wanted to check the access times to Instagram of other users , simply chat with them via Direct , the social network’s messaging system which is also available on the web version for PC.
By observing the date and time present in the chat, you will be able to understand how long a person does not use the social network, or if it is active . You can learn more by reading how to see the last login on Instagram.
Instead, if you are interested in see the login activities related to another profile , that is the data referred to above, you won’t be able to do that . In case a friend, family member or acquaintance asks you for help with this problem, I recommend that you use his profile together with him , so that you can replicate my instructions and explain what happened to him, without accessing from unusual locations or knowing his password (eg use this method if you are a technician in the IT sector, in order to protect the privacy of your customers).
Instagram login activity and two-factor authentication
Instagram login activity does not match two-factor authentication. These are two different checks , both of which are performed at login (if the relevant option for 2FA has been enabled).
The 2FA is a security system that allows the account owner to receive a temporary code on another device, to be entered when accessing the profile after typing the password correctly : the code is sent via SMS or via e-mail, so as to prevent sudden accesses, caused for example. from the online exposure of the credentials.
It follows, therefore, that 2FA allows you to better monitor the access activities to Instagram , given that all new accesses should exceed two security step (the password and the temporary numeric code, or the password and the recovery code, if the 2FA does not work). Follow the guide to activate Instagram two-factor authentication, in order to protect yourself effectively.
Instagram login activity with wrong place
If you see a different GPS location during an access check , first check that this is actually kilometers away from your location. Especially if the public IP address is dynamic, the geographical position could be largely inaccurate, ending up showing a location different from the real one (e.g. that of a Region or a Municipality adjacent to your area).
Also, although you use the same internet connection as always, check that you have not activated a VPN , which would mask your IP address, thus showing it in a different location, as well as hiding your real information (browser, operating system, user agent, etc.).
Do you still have doubts about the places indicated? In addition to using the “ It wasn’t me ” option and disconnect any suspicious sessions (as shown above), proceed to change your Instagram password periodically and to activate 2FA (as described in the previous paragraph).
Email from Instagram and unable to log in
Did you receive the e-mail indicating a suspicious access to Instagram and now you can no longer access your account with the devices you usually use? It could be a temporary problem, a ban by the social network or someone who managed to manage the profile for you.
In all three cases, I suggest you read the advice first. described in the guide to understand if an Instagram account has been hacked. Then, if you still can’t log in, contact Instagram and explain what happened.
How to avoid receiving Instagram login activity
If you often receive emails or reports on Instagram login activities, you can follow simple “ rules ” to minimize them (if not, even, make them disappear):
- Do not delete the cookies on your browser from PC, or at least not those of
- Do not use VPN to connect to Instagram;
- Avoid using extensions or software that modifies the user agent;
- Use the same devices and stay logged in, especially if you change your internet connection often (e.g. you go out of the office for work or travel often);
- Avoid using third-party mods or tweaks for Instagram, as well as bots;
- Follow the rules of the social network to avoid sudden blocks of features;
- Use two-factor authentication and configure a complex, alphanumeric password at least 12 characters long i;
- Whenever possible, use the same internet connection to connect new devices.
- Activate an anti-spam firewall on your mail server, so that ( and consequent opening) of suspicious e-mails;
It will not always be possible for you to “treasure” these precautions. However, use them as reference information, in order to avoid this type of warnings that Instagram automatically delivers.