Two-factor authentication

 

Overview

Two-factor authentication (2FA) is a common, extra layer of security that you can add to your online accounts. Enabling two-factor authentication means that Asana will ask for an additional code, in addition to email and password, when authenticating.

This code will be generated by an authenticator app (e.g. Duo, Authy, Microsoft Authenticator) that you can install on your phone.

 

Like what you see? Get started with a free 30 day Asana trial today. Try for free.

Enabling 2FA

To access your 2FA settings, navigate to My Settings.

2FA
 
 
 

 

From the Account tab, click on Two-Factor Authentication.

Enable or disable 2FA
 

 

Next, you’ll be asked to verify your password.

password
 

 

Next, you’ll be prompted to scan a QR code.

QR code
 

 

Lastly, enter the code generated by your authentication app and click Enable.

QR code 2
 

Disabling 2FA

To disable 2FA, click on My Settings and navigate to the Account tab. Then click Two-Factor Authentication.

disabling 2FA 1
 

 

Next, enter your Asana password and click Disable.

disabling 2FA 2
 

 

2FA will then be switched off.

2FA off
 

Logging in with 2FA

Once enabled, you will then be required to use 2FA when logging in to your account.

First, click Log in from the Asana homepage.

log in 1
 

 

Next, enter your email address and password and click Log in.

log in 2
 

 

Then, use your code generated by your authentication app and click Continue.

log in 3
 

Logging in with 2FA on mobile

Once 2FA has been enabled, you will be required to use it when logging in through your mobile device.

To log in, first enter your email address and click Continue with email.

mobile 1

Then enter your password and click Log in.

mobile 2

 

Finally, use the code generated by your authentication app and click Continue.

mobile 3

Problems logging in with 2FA?

If you have any issues logging in with 2FA once it’s been enabled, please contact Support.

2FA admin reset

Available on Asana Enterprise and Enterprise+ tiers, as well as legacy tier Legacy Enterprise.

From the admin console, admins can view if 2FA is enabled for a member. They can also disable 2FA for a specific account. This is useful if a member has lost their 2FA device and needs to regain access.

For security reasons, admins are only allowed to reset 2FA if the member belongs to no other domain.

 

To view 2FA settings for a member, navigate to the members tab of the admin console. From there click Edit profile settings.

Admin 1
 

 

From the next window, navigate to Security tab and scroll down to Two-Factor Authentication.

Admin 2