The mail says:
"We noticed some suspicious activity on your Trello account (...) we think someone may have stolen your username and password from another company's app or website"
But I am logging with my Google account!
When I tried to log in with a password (in case I forgot I had one), I've been answered that a google account can not log in with a password
Is this email a bug or is there something going on with my account???
Hi all,
Mike from Trello Support here.
If you received that email, even though you're primarily logging in with Google, we did have a local password for your account, which was maybe created when you first signed up to Trello. As part of the reset process, I can no longer see exactly what happened with that local Trello password, unfortunately. Depending on the age of your account, you could also have inadvertently requested a password reset at at some point, but I can't say for certain.
Essentially, we spotted suspicious login activity—after some investigation, we determined that a password of yours was acquired from somewhere else, through another service's data breach, and then tested at trello.com, and our force resetting passwords was a safety measure, to be doubly sure that nothing is compromised.
In resetting the passwords, we removed any local, Trello password—this means that if you tried logging in at all, Trello would tell you that the only way you can log in is to use Google, but you can always go to https://trello.com/forgot and set a new password that way, which is what we recommend!
All passwords involved in this incident came from another source. We're not able to tell exactly which breach those came from unfortunately, but you may be able to find more details about exactly which external breach you were compromised in by checking https://haveibeenpwned.com/
If you have any further questions, please don't hesitate to get in touch: https://trello.com/contact
I received the same message and was confused. If I use Google (Gmail) to log in, Trello should never have a password on file for me.
This part is also confusing "Because it looks like you may have used a password for Trello that was also used in another app or website that was hacked, we've gone ahead and reset your password just to be safe."
They didn't reset my password because I never set one, and I can still just hit "Login with Gmail" and access my trello information.
I'm confused.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I received that email too today and I also log in with my Google account. Posting to keep track of the answer.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.