Saturday, January 28, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Development > Slack resets passwords after fixing a bug

Slack resets passwords after fixing a bug

Slack sent out emails to its users notifying them about a fixed flaw in the app. If you received an email from Slack, you should reset your Slack password immediately.


Hanife Diktas Hanife Diktas
August 8, 2022
2 min read
Slack resets passwords after fixing a bug
  • Slack reset the passwords of 0.5% of its users as a precaution after being alerted to a bug that transmitted hashed versions of user passwords to other workspace members.
  • The bug affected all users that created or revoked a shared invite link between April 17, 2017, and July 17, 2022.
  • The company fixed the bug immediately and sent an alert email to its affected users, urging them to change their passwords as soon as possible.

The messaging program Slack delivered an email about a bug that affected roughly 0.5% of its users. The bug was transmitting a hashed version of the users’ passwords to other workspace members. The vulnerability had been active between 17 April 2017 and 17 July 2022, for five years.

The flaw existed for five years

Slack is an excellent communication and collaboration tool. It has transformed business communication and is used by millions to align their teams and unify their systems. In a blog post, the company disclosed a bug discovered on 17 July 2022. The messaging app had taken action and resolved the issue almost on the same day.

According to Slack, the bug had affected approximately 0.5% of Slack users starting in 2017 for five years. The flaw existed in the Slack invite link feature. Each time a user created or revoked an invite link, other members in the Slack workspace would receive the hashed password of the user who created the invite link. Luckily, this hashed password was not visible to any Slack clients. It would only be visible to anyone actively intercepting the network traffic.

Slack says that it does not think that anyone was able to get plaintext passwords because of this issue. They reset the user’s passwords for the only sake of caution.

« We have no reason to believe that anyone was able to obtain plaintext passwords because of this issue. However, for the sake of caution, we have reset the affected users’ Slack passwords. They will need to set a new Slack password before they can log in again. »

The bug was discovered by an independent security researcher and disclosed to Slack on July 17. Upon fixing it, Slack sent an email to affected users and required them to reset their passwords The users can visit the Slack help center for further information on password resets at any time.

See more Development News


Tags: Slack
Hanife Diktas

Hanife Diktas

Hanife Diktas is a news editor at Cloud7 News. Hanife started her career in the manufacturing sector in the marketing and sales department. Hanife worked in industrial equipment, renewable energy, and technology sectors. Hanife Diktas did her bachelor's degree in business administration and completed a master's degree in management at Yeditepe University in Istanbul, Turkey. Hanife is a Linux user, and she also contributed to AlmaLinux OS at the beginning of the project. Hanife focuses on web hosting, cloud computing, data centers, cybersecurity, Linux OS, and virtualization technologies. Hanife enjoys creating content and shooting videos covering these topics.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
GwisinLocker ransomware targeting Windows and Linux ESXi servers

GwisinLocker ransomware targeting Windows and Linux ESXi servers

Related News

Google is shutting down its website optimization solution

Google is shutting down its website optimization solution

January 27, 2023 1:20 pm
WP to use GitHub as a central communication tool

WordPress to use GitHub as a central communication tool

January 24, 2023 4:00 pm
WordPress.org Project's big picture goals for 2023

WordPress Project’s big picture goals for 2023

January 20, 2023 1:15 pm
Git is patched for two critical vulnerabilities

Git is patched for two critical vulnerabilities

January 19, 2023 12:30 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

What’s new in Linux kernel 6.2 rc5?

10 Best Web Hosting Services of 2023

Ubuntu 22.04 LTS is available for download. What is new?

CERN and Fermilab recommend AlmaLinux

7 best hosting control panels of 2023

How to update Linux Kernel without rebooting?

7 best Linux mail servers of 2023

7 best cPanel alternatives for 2023

7 best Linux web browsers for 2023

7 best CentOS alternatives

7 best Linux server distros of 2023

Interview with Igor Seletskiy on AlmaLinux

How to create a VM and install a Linux distro on VMware Workstation

Recent News

  • Weekly round-up: 23 – 27 January
  • Interview: Orly Izhaki, General Manager of Wix Restaurants
  • What is ChatGPT? Everything you need to know
  • What is cloud orchestration?
  • Cloud7 Expert Series: Emre Baran from Cerbos

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.