According to a recent blog post of Slack, the company was breached back in February for four whole days. Even though there is no direct reason to worry, it is definite that security online needs to be taken more seriously from now on and the guidelines that follow aim to do just that!
Slack is a really popular company in the fields of communication and enterprise software and has just revealed that their online security has been violated in four days in February. The company that is located in San Francisco highlighted some further details in a blog post, in which they stated that their user data base has been hacked. The most unfortunate incident was that their data base was full of the personal information of the company such as user names, addresses, emails, passwords that can of course lead to valuable data, Skype Ids and even phone numbers being intercepted.
The Vice President of Slack, Anne Toth, wrote in the blog that: “there is no indication that the hackers were able to decrypt stored passwords, as Slack uses a one-way encryption technique called hashing.” Another important fact that she outlined was that fortunately the hackers did not have any kind of access to financial or payment information and in this way she has managed to calm a large number of people down about the security breach. She also said that she will personally help to the investigation, in order to find the cyber criminals involved and she also said that this incident will not only affect the employees of the company and simple individuals, but also the executives of the company.
The company felt so bad about this incident that the representatives of the company informed the people who are worried about their security level about some really important security tips, in order for those people to be kept protected starting from now. Apart from the tips, the company also published a two factor authentication and a password-kill switch for IT administrators to implement.
Ways to Set Up Slack’s Two-Factor Authentication
It is sure that the population of Slack has reached to a point where many companies use its systems in order to work with security and safety. One of these companies is TheAntlantic.com. The two-factor authentication that the Slack promotes is one of the greatest tools that any user can use in order to always be protected.
If you think that the only thing that stands as an obstacle between your server and the hackers is a password is absolutely wrong; in fact, another “key” is needed in order to achieve the full control of your server. This key is usually sent to the owner with a text message to his mobile phone. The two-factor authentication is a really important tool that is really easy to be set up. The only thing that you need to do is to download a Google-made application and follow the steps that are mentioned below:
- Start by visiting your Slack Account Settings page and click Expand that is located next to Two-Factor Authentication. Always have in mind that you need to be in the Settings tab and not in the Profile or Photo tab.
- After that you need the Slack password and click on the “Enable two factor authentication” button. The most difficult part is the one that you need to pick up your phone and download the Google application. For those of you who use devices such as iPhone or devices that have Android software, you need to find an application that is called Google Authenticator or Duo Mobile and for those of you who use Windows you need to find and download an application called Microsoft Authenticator.
- When you download each of these apps, a secret key will be put into the algorithm of your phone and you phone has the ability to solve the algorithm every 30 seconds. When your phone and your two factor server have the same secret key you will have the ability to sign in. all of the above apps have a different way to run the algorithms and that is the reason why Slack in asking you to download them. While you are on the set up two factor authentication page, Slack will definitely show the authentication app or even the Qr code.
- At this point, the authentication app will show you 6 numbers which make the unique code that Slack needs and after that you are prompted to click the “Verify code”.
- Finally, when you realize that everything is ready you need to go again to the account settings and you will find the “Enabled” initial. You will also see 10 backup codes that you need to copy some of them and write them down on a paper and in this way if for example you lose your mobile you will have the chance to access Slack once again. In a moment you will be logged out of the Slack chat window, but you do not have to worry about it, because this action means that you have successfully completed the process.
- Then rewrite your user name, password and the PIN that you will find on your Authentication app. It is really important to know that the PIN changes every 30 seconds and you also need to know that if you use more than one Slack room, you need to do this separately for every room.
It is not a really difficult procedure and all you need to do is to follow these exact steps. Ensuring your online protection is of paramount importance and therefore you should not ignore such guidelines!