New for Admins: Stronger password and security controls
Weβre excited to announce new features created to help Admins better manage their companyβs Asana accounts. Starting today,Β Organization AdministratorsΒ have the ability to enforce stronger password requirements for members and can force a company-wide password reset to ensure security.
With new password strength controls, you can set your organizationβs password standards as βsimple,β which requires that passwords are at least 6 characters long, or βstrong,β which requires passwords to have at least 8 characters, and must include characters from at least 3 of the following types: lowercase, uppercase, numbers, and symbols (!@#&). This new feature also gives you more options in how teammates sign on. You can choose from SSO or SAML, or can have teammates create a password specifically for Asana that meets your strength requirements.
OK | Not OK |
Unicorns123! (LUNS) | unicorns123 (LN) |
unicorns123! (LNS) | UNICORNSabc (LU) |
UNICORNS123! (UNS) | unicorns!!! (LS) |
Unicorns123 Β (ULN) | UNICORNS123 (UN) |
Unicorns!!! Β (ULS) | UNICORNS!!! (US) |
123123123!!! (NS) |
Forcing a company-wide password reset is not a feature that we expect Admins to use too often, but things happen, and itβs important to have a way to keep your information secure in case passwords are compromised. This feature lets you reset your entire companyβs passwords with one click (donβt worry, weβll always confirm before initiating a reset). Once you push reset, each of your teammates will get an email from Asana asking them to click on a unique login link and reset their password.
When to use password strength requirements and reset
When you enable stronger passwords, Asana will force existing users to have a strong password when they decide to change their password. If youβd like to ensure that everyone in your organization has strong passwords, youβll want to reset all passwords once youβve switched to strong password requirements. Once security requirements are put in place, each new teammate and guest that is added to Asana must create a password that meets your security requirements, ensuring that login info company-wide is secure.
When it comes to password reset, youβll likely use this feature only when absolutely necessary. For example, if someone on your team accidentally discloses their login info for Asana externally, or if a team memberβs account is compromised, you may reset your entire companyβs passwords as a precautionary measure. As they say, better safe than sorry, especially when it comes to your company data.
How to use password controls
As with all admin functionality, these new features are only available to organization admins in Premium accounts.
Clicking on your profile picture in the top right corner of Asana, and choose [Your domain name] Settings.
Click on the Administration tab to set password strength requirements or do a password reset.
Simply click the toggle option by βPassword strengthβ to change strength settings and hit βSaveβ to implement changes across your organization. The red βReset all passwordsβ button will first ask you if youβre sure, and once you confirm, will initiate an organization-wide password reset, including the adminβs passwords.
This feature is a part of Asanaβs focus on Admin specific features to help teams like yours better manage and store their data in Asana. Let us know what you think in the comments below!