Announced on Rollout starts Rollout ends
July 1, 2026 July 7, 2026 July 30, 2026

Zendesk is implementing enhanced session security to detect suspicious activity and patterns that indicate a compromised session.

This announcement answers the following questions:

  • What's changing?
  • Why is Zendesk making this change?
  • What do I need to do?

What's changing?

Zendesk monitors all sessions for patterns that indicate compromise. If we detect suspicious activity, you'll be signed out and redirected back to the sign-in page. After you sign in again, you'll be returned to where you left off.

What to expect:

  • Typical users won't notice any changes. This protection detects highly anomalous patterns that don’t occur with normal use. These scenarios are rare and typically indicate the session cookie has been compromised.
  • If you're unexpectedly signed out, you'll be redirected to the sign-in page. After you sign in again, you'll be returned to where you left off.

Why is Zendesk making this change?

Session compromise is an increasing threat across the industry. When an attacker obtains a session cookie (through methods like phishing, malware, or network interception), they can impersonate the legitimate user until the session expires. Enhanced session security detects when session credentials are being used maliciously and blocks the session automatically to prevent unauthorized access.

What do I need to do?

No action is required. Enhanced session security works automatically in the background.

To learn more about Zendesk session time, see Understanding Zendesk session time.

If you have feedback or questions about this announcement, visit our community forum, where we collect and manage customer product feedback. For general assistance with your Zendesk products, contact Zendesk Customer Support.

Powered by Zendesk