So, every user has Personal Projects to manage their personal tasks. At the same time, they might be a member of organization workspace. This means they have their corporate Email address added to their Asana accounts. I wonder if that means that there is a possibility for this scenario:
- Employer, who manages your Email account changes password of Email.
- Goes to asana.com and uses “Forgot password” feature.
- He gets new password link on my Email (now he has access to it);
- Logs in to Asana and has access to not only Organization workspace, but all the other workspaces, because Asana account is Asana account, not organization-level account.