Two-factor authentication, often referred to as 2FA, can also be called two-step verification. Others may at times refer to it as dual-factor authentication.
It is vital when a user wants to better protect an account by using two different means to verify themselves. It is a vital step when one needs to protect credentials and the resources the user can access on Slack.
Who can use two-factor authentication on Slack?
All those who use Slack for team purposes are able to enable the 2FA on the platform. All members including guests can secure their accounts using two-factor authentication.
Users who regularly use Slack for team or businesses purposes are better off when they turn on the two-factor authentication on Slack. If a user’s password is compromised or stolen, two-factor authentication gives the user the peace of mind that his or her account is safe.
Note that at this period, Slack makes it mandatory that anyone on paid plans use 2FA when signing in to Slack. That’s the same with those who haven’t enabled the mandatory 2FA.
Two ways to turn on 2FA on Slack
The primary way is to make use of authentication app. Find it here for Android. Once you download and install it you can check steps below to enable or turn on 2FA in Slack.
There are other apps that can be used as well, such as Duo Mobile, 1Password, Authy, Microsoft Authenticator.
The secondary means to turn it on is through SMS text message.
First, let’s explore the tips for turning on the two-factor authentication through the authentication app.
Turn on 2FA in Slack using authentication app
Step 1: Sign in on your Android phone. Get into the appropriate workspace, and visit your Account page settings. If you haven’t enabled the 2FA you’ll see Two – Factor Authentication is inactive for your account.
Step 2: Click on Expand to set it up. Take note that once you’re done, the process logs you out on all other devices where you may have signed in previously.
Step 3: Enter your password and click Use An App. This helps in retrieving authentication codes the app supplies on your device.
Step 4: Add a new account in the app by simply tapping the + icon.
Step 5: Scan the QR code so your device can get it automatically. You may also enter the code manually.
Step 6: Go back to Slack’s 2FA configuration page and enter the six-digit verification code your app generates.
That’s it. Whenever you sign in to Slack, you only need to open your authentication app to fetch the code it supplies along with your password. That code expires and changes to another in a few seconds so watch it.
Turn on 2FA in Slack using SMS text message
Before you begin this process, be aware that owners of the Slack account of which you’re a member can prevent you from using SMS as your 2FA method. In this case you can only use the authentication app.
Here are the steps you need to take if you are able to turn on 2FA with SMS.
Step 1: Sign in on your Android phone. Get into the appropriate workspace, and visit your Account page settings.
Step 2: Click Expand. Also, click Set Up Two-Factor Authentication.
Step 3: Enter your password and click SMS Text Message. This helps in retrieving authentication codes the app supplies on your device.
Step 4: Select your country from the menu, or choose Other if your country isn’t listed.
Step 5: Enter your phone number including area code or zone code.
Step 6: Check for the six-digit verification code on your device. Enter the code on the Slack 2FA configuration page.
Step 7: Select Verify Code to finish.
Every time you try to log in, you’ll get a single use authentication code.
How two-factor authentication works on Slack
2FA must be set up with every workspace if you have several of them on Slack. Get a unique 2FA separately to enjoy using your account.
In case your phone gets lost or the app is accidentally deleted, you may use one of your backup codes found on your Account page. The best practice is to make a copy of your codes and save them somewhere safe. Each code can only be used once.
When you get a new device and want to log into your account, you can ask your admin to disable the 2FA for your account. He only needs to click on the three dots next to the member account to disable it. A workspace owner that can’t sign in will have to contact the Workspace Primary Owner for help.