Learn how to spot when a shared device still holds someone else's account or work, and how to leave it clean.
A shared device is not safe to leave until work context is closed and the account is signed out.
Last reviewed 2026-06-13 by the IT Lunchroom Editorial Team. General guidance, not professional security or legal advice.
I can tell when a shared device still contains someone else's account, record, or work context.
You leave able to recognize when a kiosk, shared desk, or frontline workstation still has someone's account, record, or work open, and you gain a short close-out routine you can run before stepping away from any shared device.
A shared device is any computer, tablet, kiosk, or workstation that more than one person uses, such as a frontline counter terminal, a hot desk, or a public kiosk. Because the next person inherits whatever the last person left open, an account, record, or message can stay visible long after its owner walks away.
Work gets left behind because closing a window, locking a screen, or walking away does not sign an account out. The session often stays active, so the next user can see emails, customer records, or open files, or even keep acting as the previous person. Saved passwords and stay-signed-in options make this last even longer.
Signs that a device still holds someone else's context include a name, photo, or initials that are not yours in a corner, an inbox or record you did not open, a form already filled in, or a session that loads straight to someone's account without asking you to sign in. Treat any of these as a sign that work context is still open.
Before stepping away from a shared device, run a short routine: save or close any work you opened, actively sign out of every account rather than just closing the window, clear or close anything still on screen, and confirm the device returns to a neutral sign-in or home state. Only then is the device safe to leave.
If you sit down and find someone else already signed in, do not keep working in their account or read their records. Sign their session out so it returns to a neutral state, then sign in as yourself, and report the lingering session through your approved support or reporting route so the pattern can be fixed.
Imagine finishing a task at a shared counter terminal and getting called away. You close the browser tab and leave. Closing the tab did not end the session, so the next person opens it and sees your account and a customer's record. The fix is the routine: actively sign out and confirm the device is back to a neutral state before you step away.
Optional practice lets you rehearse the close-out routine on sample sessions so it becomes automatic before you use a real shared device.
Write a short, privacy-safe note describing your close-out routine and what you check for before leaving a shared device, without naming any real person, account, or record you saw.
Once work is closed and the account is signed out. Closing a window or letting the screen sleep can leave the session active, so an active sign-out is what makes the device safe to leave.
It often leaves the account still signed in. Hiding or closing a window usually leaves the session active, so the next person can still reach the account unless you sign out.
Sign their session out, sign in as yourself, and report it. Working in or reading someone else's session exposes their account and records, so sign them out, switch to your own login, and report the lingering session.
Save or close the record, actively sign out, and confirm the kiosk returns to a neutral state before stepping away. A kiosk passes to the next person immediately, so signing out and confirming a neutral state is what keeps the customer's record private.
Sign that session out so the device returns to a neutral state, sign in as yourself, and report the lingering session through the approved route. An inherited active session is someone else's account, so signing it out, switching to your own login, and reporting it protects their privacy and fixes the pattern.