Slack users on Android should change their password right away, here’s why

Slack was found to store passwords in plaintext between December 21st and January 21st.

Highlights
  • Slack has advised some users to change their password immediately
  • The Slack app on Android was storing data in plain text, which could potentially allow anyone to access it
  • Slack has also advised affected users to clear the app data on their Android devices

If you’re a Slack for Android user, it would be wise to change your password right away. A small number of Slack users have received an email from the enterprise messaging service advising them to change their passwords at the earliest, Android Police reports. The move comes after Slack for Android was found to store passwords in plaintext, meaning that just about anybody could potentially access that information. The problem occurred between December 21st and January 21st, but Slack has assured The Verge that it has resolved the issue. Furthermore, Slack also states that no data has been breached and the affected users’ accounts are still secure. The password change suggestion is more of a precautionary measure than anything else.

Also read: BigBasket data breach: personal details of 2 crore users being sold on dark web

As mentioned earlier, only a small portion of Slack users appear to have been affected. Those who signed in to Slack on Android via the Slack Magic Link are safe. This only applies to users who manually inputted the password manually. Affected users have been notified via email, which many might have dismissed as a phishing attack. Slack is also advising users to clear the app data on Android where the password could still potentially be stored. Here’s how you go about it.

How to change your Slack password and clear app data on Android

First, sign in to Slack using this link. Depending on your platform, the Slack client should open itself automatically. If you don’t have one, there is an option to continue via the browser. Click on your profile image on the top-right corner, followed by the More button and then Account Settings. There, you’ll be presented with an option to change your password. Take this opportunity to enable 2FA (two-factor authentication) too, as it will help bolster your account security further.

Now that you’ve changed your Slack password, it’s time to clear the app data on Android. Navigate to the Settings app on your smartphone and find the Apps tab. Do note this could vary depending on your device’s manufacturer. Select the Slack app and navigate to the Storage tab. Here you’ll be presented with the option to clear the app cache and app data. Make sure to back up any important information as clearing both will delete all Slack-related information from your device, including any saved logins.