
Show HN: AtPassword Slack bot – Encrypt password in your Slack conversations - WildGreenLeave
https://github.com/Taronyuu/AtPasswordSlackBot
======
WildGreenLeave
Hi everyone,

Creator of this (pretty much useless) Slack bot here. Before anyone is going
to complain about how this isn't secure because Slack can still log your
passwords, I know and that wasn't the point of developing this. The attack I
was trying to solve is when a hacker get access to a the Slack workspace (e.g.
a hacked account) and is able to scroll back to get all the passwords. And
although this is only marginally better, it made me (and several other people)
think about this issue. And therefore, made it worth my time.

You can't try it out from the Slack app directory because they denied my
request with the following reply:

Thanks for submitting your app to the App Directory. Unfortunately after
looking at your submission we have made the decision that your app is not
appropriate for the App Directory. Slack is not designed for the sharing of
credentials and as such cannot be used for that purpose safely. In addition we
can't approve an app that promotes the sharing of credentials with a third
party. Sorry I couldn't have better news for you.

So once again, this was just a Proof-of-concept and should not be used in
production, obviously you are welcom to think about the issue. :)

