Hardware tokens with Slack two-factor authentication

 en français

For an added layer of security, turn on two-factor authentication (2FA) for your Slack account. If your password is compromised or stolen, you'll have peace of mind knowing that only you can sign in
How hardware 2FA works with Slack: 

  • You’ll need access to your hardware token when you sign in to Slack. 
  • You'll need a device with NFC during the enrollment. Subsequent logins will only require a hardware token itself.
  • You'll enter a verification code generated by the token and your password each time you sign in. 
  • In addition to using a hardware token, you can also choose to send your verification code by text message or from an authentication app.

Step 1: Download and install an authentication app

Before you can enable a hardware token for 2FA on your account, you’ll need to install one of the burner apps on your device. In this guide, we will use our Android NFC Burner app as an example.

Step 2: Turn on 2FA in Slack

  1. Sign in to the appropriate workspace, and visit your Account page at my.slack.com/account/settings.
  2. Expand Two-factor Authentication, and click Setup Two-Factor Authentication.
  3. Enter your password, and click Use an app to retrieve authentication codes from the authentication app on your device.
  4. Now, launch Token2 Burner App on your device. Click on Scan QR button and scan the QR code shown on the configuration page as described in the previous step (or enter the secret key shown, especially if you are using the Windows version of the app). Then, push the button on the token device and hold it close to the NFC antenna of your NFC device (on the phones it is usually below the camera on the back). Click on "burn seed" button. The app should show "burn seed process succeeded" message if the process is successfully completed.
  5. (Optional) You can add the same TOTP Profile to a mobile app to serve as a backup (or vice versa)
  6. On Slack's 2FA configuration page, enter the 6-digit verification code that your hardware token generates.
  7. To finish, press Verify Code.

When you sign in to Slack, turn on the hardware token and enter a code along with your password.

Use 2FA with multiple workspaces

If you're a member of more than one Slack workspace, you’ll need to have a hardware token for each account separately. Alternatively, you can use Token2 Molto-1, a multi-profile TOTP hardware token (to be released in August 2019).