Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
365 results found
-
Get Rid of Waterfall Permissions - Allow Subfolder Security To Be Set Differently
It is absolutely ridiculous that a company as large as Box is using waterfall permissions for all enterprise accounts.
In a business environment, it is absolutely necessary to be able to set specific permissions on subfolders within a large data folder that all users have access to. This is a simple feature included with every other cloud file provider we've ever used.
Needs to be included ASAP.
12 votes -
Closed folder structure
"My Sign Requests", "My Canvases" and "My Signed Documents" folders are created as private folders technically by Box, without any admin intervention. When using a closed folder structure, these folders can still be used by users to build their own folder structures, as they become the owner of this folder. This counteracts the idea of a closed folder system and represents a massive security gap. Users can then build folder structures and content in our box instance without any control by the admin and share them with external users.
These technically generated folders must therefore be restricted accordingly, or admins…
2 votes -
External user verification via TOTP for shared links
Please consider adding a TOTP verification option for shared links. You could allow a link to be shared to an email address but require TOTP verification via that same email address. This would help verify that only someone with access to the email address we shared with can access the content without forcing them to signup for a free Box account.
Thank you
7 votes -
Hide older versions from certain collaborator levels
When you share a file/folder with another user, no matter what permission level you give them they are able to see all older versions. It would be great if we could hide those from lower level collaborators like you can do with comments.
2 votes -
Need multiple options for 2-factor authentication
Please allow multiple options to receive a 2-factor authentication code. If I were to lose access to my cell phone or change the phone #, then I would be unable to receive a code via SMS and be locked out of Box.
In addition, please ensure the options other than 2FA code via SMS actually are viable options. Right now, the authenticator option doesn't work - no QR code is generated by Box for me to scan with my phone. The e-mail option also doesn't work - I keep getting an error message that the default e-mail is invalid ...…
1 vote -
Folder-level access control
Box needs folder-level access control so that you can assign a specific user access level to a specific folder and not have it inherit the "waterfall" (unwanted) access level. This has been an issue for many years.
5 votes -
Leverage the External Identity providers like OKTA to securely access the Box API’s.
Context : Allow box subscription tenants to leverage the External Identity providers like OKTA to securely access the Box API’s.
Use case: Tenants like us want to centralize the access to the APIs to our external vendors partners and internal teams. It is always beneficial to centralize the access using OKTA like OAUTH 2.0 providers and move to zero trust.
1 vote -
Make editing password protected shared links clearer
When a shared link to document or folder is already password protected, and a user wishes to change the password, the password screen should be clearer as to how this is accomplished - possibly by an additional Change button or Confirm Changes
Currently this is unclear
2 votes -
Administrative Controls around shared links
For Shared Links that are open to "People with the link" and no expiration date across our organization, we'd like to have the ability to:
- Disable these links up across all or selected users
- Restrict settings for the majority of our users so that all of these shared links have an expiration of 60 days or less
- Allow only a select group of users the ability to share links with way without expiration dates
1 vote -
email MFA with FTP
FTP only supports SMS MFA, this is a very restricting security setting, and quite frankly is a bad idea.
PER BOX'S OWN DOCUMENTATION ( https://support.box.com/hc/en-us/articles/360043697154-Multi-Factor-Authentication-Set-Up-for-Your-Account):
"SMS may not be available because a user is traveling, offline, or in a country that does not support 2FA through SMS."
AS WELL AS:
"There are known SMS security vulnerabilities, such as SIM swapping."
Please allow us to use AT LEAST email MFA when uploading/downloading via FTP.
1 vote -
Hardware security token for 2FA / MFA / Yubikey
With the broader support of passkeys , I would like to suggest a phishing resistant WebAuthn based Authentication option for Box.
This would open up future possibilites for convenient and secure FaceID/TouchID/Yubikey/etc authentication.
Insurance companies are requesting it and I am sure all Box customers would benefit.
1 vote -
MFA self reset up
Currently, when a user get locked out from their own account when the MFA is turned on, they need to contact Box support team to get it usable again.
It would be great if users can self reset from the login screen without submitting a support ticket.3 votes -
Allow exceptions for users/groups when setting shared link expiration at org level
We have auto-expiry and prevent users from modifying the expiration. We want to allow exceptions to either user/group/specific folder so we could have permanent links for storing files for web or other projects.
1 vote -
Ability of business to enable/disable password protection of documents/folders function
The functionality allowing users to password protect documents and folders, should be manageable at the top level, as this function may cause problems with managing content if over used by users.
A simple enable/disable toggle for each group of users (Previewer, Editor etc) - so that users may/may not have the ability to password protect documents/folders depending on their permissions in particular locations
Admin Console - reporting locations and details of password protected documents and folders
1 vote -
Remove password protection without losing shared link
It should be possible to remove password protection from document or folder, WITHOUT removing/losing the shared link itself
1 vote -
Confirmation of document file protection password on setup
When setting up a password to protect a document or folder, the window to enter password on, should have a second box to re-enter the password, to avoid setting passwords incorrectly
1 vote -
MFA option to be TOTP or SMS or Email
When the MFA option is released currently the option is:
1. TOTP
2. TOTP or SMS or Email.Can you make it a check list so we can enable the one we want?
For example, I only want TOTP and SMS.7 votes -
Multiple IDP Support for Login
While Box Supports Multiple IDP connections to a single tenant, it is not possible without the tenant to provide a landing page for login. This is something that multiple other providers already support, and asking the customer to supply their own login page to access Box from multiple IDPs hurts both Box and the customer.
This hurts Box because instead of creating managed and secure users, I now need to juggle 3rd party users and treat them as guests rather than full users. ($)
This hurts customers by not allowing us to administer policies easily for end users as a…
1 vote -
Allow setting passwords on folders
Setting passwords on files is good, but we should be able to set passwords on folders (at any level of a folder structure). The ability to set passwords on folders should be limited to owners and co-owners.
1 vote -
malwarebytes
One of the restrictions you can place on Box sign-ins is verifying appropriate antivirus is in place. For the Mac side, Malwarebytes is not one of the allowed antivirus solutions, but it is what we have deployed at our company. Please add Malwarebytes to the allowed list of antivirus solutions on the Mac.
1 vote
- Don't see your idea?