Slack Mobile Problems After Enabling 2FA
Two Factor Authentication (2FA) is an important part of ensuring account security. This typically involves linking your account to a mobile authenticator app, and after logging in via a normal username and password, adding a time-limited code from the app. It's increasingly-common to see online services require this secondary level of security, particularly from users with admin access or heightened privileges in an app.
Slack have offered this feature for a while, and recently announced a mandate for all admin users to have this in place before the end of February 2024. However, after enabling this on my account, a fun bug occurred - the mobile app signed me out of my workspace, and refused to re-add me. Fixing this involved jumping through a few hoops, documented below.
Logged out
After enabling 2FA on the desktop, when I opened the app I noticed I was signed out of my Square1 workspace. Fair enough - adding 2FA usually involves a re-authentication, so this pattern makes sense. Within Slack, I go to my workspaces list, and see my Square1 one there. Slack still recognises that I'm a member of this workspace, so I press "Add" to presumably authenticate again.
Problem. Pressing "Add" causes a "Sorry, something went wrong, please try again" error. Restarting the app and even restarting the phone made no difference - it looks like there's some weird state my account was in where Slack wouldn't even attempt to add the workspace. During this time, my desktop login was still fine, it's just the mobile device where it wouldn't work. Probably a good thing for my work-life balance and desire for a quiet life! But something to get fixed all the same.
The Fix
The workaround is a little non-obvious, with a few hoops to jump through.
First, go to the workspaces list, and click the "i" beside your email address. This will show that your email address has been verified on this device. Click "Revoke email confirmation".
After that is done, in the same workspace view, you'll see a prompt to verify your email address. Click it, and an email will arrive in a matter of moments.
Clicking that link will re-open the app, showing a list of the workspaces you have available to add. Something about this process seems to reset the slack authentication state, so now when I click the Square1 workspace, I get prompted to authenticate, using my 2FA app.
Once I enter the auth code, I'm back in, and all is well. Whatever weird login state I got stuck in is resolved, and normal service is resumed!
CyberWiseCon 2025
In May 2025, I'll be giving a talk at CyberWiseCon 2025 in Vilnius, Lithuania. From selling 10 Downing St, to moving the Eiffel Tower to Dublin, this talk covers real-world examples of unconventional ways to stop scrapers, phishers, and content thieves. You'll gain practical insights to protect assets, outsmart bad actors, and avoid the mistakes we made along the way!
Get your ticket now and I'll see you there!