Update Your Slack Passwords Now, Android Users
Over the weekend, some Slack Android users received a seemingly random email urging them to update their passwords. The email claims that a bug in the Android app incorrectly logs the password data as clear text, which can be easily recovered by hackers.
I don’t blame you if you ignored the email – there are many signs of phishing – but it’s legal. Android police have confirmed with several Slack representatives that the emails are sent from Slack, the security issues are real, and the links in the message are safe to click. While there is no evidence of password theft or account hacked, Slack actively encourages users to update their passwords.
The Slack email has instructions on how to reset the password and clear the app cache, but it’s unclear if all affected users have been notified, so for anyone using Slack on Android it’s prudent to follow the company’s suggestions, even if they haven’t received the email. Here’s what you need to do:
First, update your password using the link in your Slack email or in your account settings on the Slack website.
Then make sure you have the correct version of Slack installed. This part is simple: if Slack is running on your phone, you have the correct version; otherwise, you can safely download the latest build from Google Play. Google removed the buggy version of the app from Google Play, which also disabled it on the devices on which it was previously downloaded, so there is no more risk of using the app.
If you have the correct version of Slack installed on your device, the final step is to clear the app’s data cache to ensure that the incorrectly saved password data is removed. There are two ways to do this:
( Note: Clearing the app cache takes you out of Slack, so be sure to log back in after doing this.)
- In Android Settings, go to Settings> Apps> Slack> Storage and select Clear Data or Storage . “
- Press and hold the Slack icon on the app launcher. Click App Information , then Storage , then select Clear Data or Storage.