PSA: Slack Is Resetting Your Password After Fixing A Bug, Check Inbo

Reset your passwords asap!

Share on twitter
Tweet
Share on facebook
Share
Share on whatsapp
WhatsApp
But a security researcher discovered a vulnerability in Slack on 17 July 2022. Slack immediately took action and fixed the vulnerability on the same day.
Image: Google

Slack is an excellent communication and collaboration tool. In a short span, it amassed more than 10 million monthly active users and is now a de-facto communication app for most workspaces. But a security researcher discovered a vulnerability in Slack on 17 July 2022. Slack immediately took action and fixed the bug on the same day.

Slack also sent out emails to their users informing them about the existing and now-fixed bug in the app. If you also received a mail from Slack, it’s time to reset your Slack password.

What was the Slack bug?

As per the Slack email, the bug existed in the Slack invite link feature. Whenever a user created or revoked an invite link, all the existing users in the Slack workspace would receive the hashed password of the user who created the invite link.

However, no one would be able to see the passwords in the Slack workspace. It would only be visible to anyone intercepting the network traffic.

Slack assured that the passwords sent to the users weren’t plain text passwords. They were encrypted and were very difficult to decrypt. Moreover, Slack uses salting to make passwords even more secure so the passwords won’t be easy to decrypt, even by brute force.

It is assuring to hear that but according to the security standpoint, a minor flaw like this can compromise a lot of Slack accounts. According to a report by Wired, the bug affected only 0.5 % of the total Slack users, which is still a huge number if you compare it to the number of Slack users monthly.

slack bug
Source: Pixabay

So, Slack fixed the vulnerability and reset the passwords of users. You can check your email inbox for mail from Slack. If you did receive the mail, you will have to change your password to access Slack. It is a painless process but if you feel miserable while creating new passwords, you can use a password manager.

It will suggest random passwords that are hard to crack, even with brute force. Slack also advises using two-factor authentication to add a layer of security to your Slack account.

Abhishek Mishra

Abhishek Mishra

I love exploring technology and devote my time to curating detailed posts and supplying credible information to inquisitive users. I wish I had some spare time to play a few RPGs or clean my desk.

Find your dream job

Work at your dream company with Fossbytes Jobs