Slack was hacked. Reading the thread on HN I decided to discuss why hashing only passwords is impractical if attackers get read access to your users table or entire database.
more here..........http://sakurity.com/blog/2015/03/27/slack_or_reset_token_hashing.html
more here..........http://sakurity.com/blog/2015/03/27/slack_or_reset_token_hashing.html