Why so hard to enable MFA?
I’m going to risk seeming stupid here, but what does MFA stand for please?
My guess is Multi-Factor Authentication, but I’m not 100% sure and didn’t know the answer to his question.
Mark yes you took that risk and it didn’t pay off haha. Multi Factor Authentication. I don’t want my account to have a single axx point. Preferably i’d like MFA or 2FA something other than email password.
astonishing this isn’t a primary menu item under the account settings.
In case it wasn’t known, Asana Premium does provide this via Google 2-Step Verification.
Holder of premium plans enable you to opt into Google SSO.
Additionally, if you are an enterprise plan holder, you have the option to protect your Organization withtwo factor authorization or SAML, which include, “OneLogin, Okta, LastPass, Bitium, Azure AD, SecureAuth, or Active Directory”.
Hope this clarifies your security options a bit more!
Let us know if you have any additional questions
I am using Asana 2FA for years now, and it works great.
I have to pay for 2FA and MFA is not an option?
ASANA that’s offensive
I can understand you, but you should keep in mind HOW much the free version of Asana already contains. There is a lot of work and people needed to build and maintain Asana.
At a certain point the company has to earn money and since usually only companies require 2FA or MFA, from my point of view it is totally OK to have this only in the paid version.
I get it but that’s unacceptable to allow a single point of failure compromise my IP my internal operations and data that can allow anyone to understand security protocols I implement in my code. 2FA at least. Install Duo. Seriously, this shouldn’t be a premium thing, security should be implied.
I agree with @cameron1. Security should not be sold as a premium feature. Asana shouldn’t want free or paying customers to be hacked.
Today, MFA is table stakes.
Thanks to Asana for now offering MFA to Premium users! This new feature is great, but I wish there was an option to require the MFA code at each login. Right now it’s only required at your first login from a new device. It would be great if my organization could change our settings to require the MFA code every time. Along these same security/login settings, I would also appreciate an optional Asana setting that would require a new login each day, instead of the current every 15 days frequency. These should both be optional as I’m sure not everyone would want to implement such rigorous login settings. Thanks for considering!