Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
384 results found
-
Two factor authentication as standard for business customers
Two factor authentication is the standard for securing accounts. I was therefore surprised to learn that enforcing two factor authentication on the business subscription package is not an option. Requiring two factor authentication is only available on the top enterprise price plans.
This is disappointing, as it means businesses customers who use Box, their staff can bypass any requirement to use two factor authentication. It increases the risk of a breach of company data due to a bad password practices by an employee, like using the same password across many different services. Without two factor authentication the company data is…
2 votes -
Include device identification in Device Trust logs
We think it would be valuable to be able to identify a specific device failing Device Trust. Either MAC address or computer name would be useful. Computer name would be the preference.
This to positively identify the device end users are using to connect. As we were implementing Device Trust we ran into numerous situations where end users were connecting from multiple devices and not transparent with us that they were using multiple computers.2 votes -
Allow One-Off Reissue of Custom Terms of Service in Box
If a user ever rejects a custom terms of service, they are not able to access Box or attempt to connect via the collaboration link. It seems that they could try again in 30 days (we have not tested, this is way too long to wait for a time-out).
The only resolution to allow the single external collaborator to "reset" the ToS and accept them to sign in is to disable and re-enable custom ToS for all users.
This is a major problem - we should not have to revalidate all ToS for EVERY user to resolve an issue for…
1 vote -
New Authentication Process at sign in
The new authentication process is forcing us to use two step authentication even with our ATB Email address' every time we enter or come back after a period of time.
I am really hopeful that this is being looked into as its the most inconvenient. Our CSR's do not have business devices for google authenticator nor does the text feature seem to work to the branch office phones and when you ask it to call it takes a bit for the phones to ring and connect and cuts half the message off so we don't get a code. This is…
1 vote -
Password Requirements - customize min required characters
Password Requirements -> Minimum required characters -> only has the options of 6, 7, 8, 10 and 12. We would like to be able to set this character as 9, or any number in between 6-12.
1 vote -
2 votes
-
keysafe
Box keysafe requires the use of a specific AWS region, but from the perspective of disaster response, we request that the service be deployed in multiple regions.
1 vote -
Show the password when typing to avoid typo's
Add an option for the user to see the password they are typing to avoid typos when sending to the client. At the moment, there is no option to see what you have typed until the client is telling you that the password doesnt work. Especially with caps, symbols etc.
3 votes -
Co-Owner should be able to confirm the destination of the file (or the user who operated it)./Co-ownerにもファイルの移動先(あるいは、操作したユーザー)確認をできるようにしてほし
We know that if we want to know where a folder has been moved to, we can ask the administrator to output it from the report.
However, We would like the Co-owner to be able to check the destination of the file (or the user who operated it) in case of urgency.(In Japanese)
フォルダの移動先を知りたい場合、管理者に問い合わせる事でレポートから出力する事が可能である事ですが
急ぐ場合にCo-ownerにもファイルの移動先(あるいは、操作したユーザー)確認をできるようにしてほしいです。3 votes -
Change configuration shared links - expiration policy
Currently it is possible to configure an expiry policy for shared links for a period of up to 10 years, the logic in which this option is programmed is contradictory in itself.
Once this policy is implemented from the administration console, expecting that links can be removed/expired after a certain period of time in order to have more control and security over the shared content the end user can simply remove this setting (expiry policy) at the time they are creating their shared link.
The end user is practically overwriting the configuration at the environment admin level.
3 votes -
Copy All Folder Settings when copying a Folder
When copying a folder, all folder settings should be copied over as well (or have the option to do so). As is, some settings do copy over while others don't. For example:
Can Copy: Restrict Collaboration to within ETF, Disable Commenting, Shared Link Access, Watermarking, Uploading (Overwrite files) and Email notifications
Won't Copy: Only Folder owners and co-owners can send collab invites, Hide Collaborators, Allow Uploads to this folderThis would be especially useful when copying a template folder with a folder structure that needs the same settings when copied for a new project/customer/etc.
12 votes -
Select which 2FA/2SV feature
There are currently 2 2FA mechanisms, SMS or Auth App.
We would like to be able to select which mechanism to be available to users. We want to avoid users from having to use SMS1 vote -
Hide and add permissions to folders
I would like to hide or lock folders as I have multiple employees.
1 vote -
Timed logout out option with inactivity
Would like to elect to have a timed log out option. For example if you set 10minutes or 1hr of inactivity you would be automatically logged out like a banking website.
2 votes -
Prevent Co-owner from assigning Co-owner to other users
We would like to see the option to prevent a user with Co-owner permission from being able to assign Co-owner permission to other user's.
1 vote -
2fa
Title: 2FA – Session Level NOT Machine Level
Category: 2FA
Idea:
After enabling 2FA:
Steps followed:
Quit Safari (v14.0.3) (Cmd+Q)
Launch Safari
Navigate to account.box.com/login
Login without 2FA (2FA enabled)
As a separate test, I also removed my Safari session from Box security, quit Safari (Cmd+Q), opened Safari and was able to login without a 2FA credential.
When a user removes an active session (or saved login location), any new login attempts should be seen as a new computer, and thus prompt for the credentials setup by the user logging in.
I was able to get Box to prompt for…
1 vote -
Password Protect Folders Designated as "Invited People Only" Collaborators
I would like to add passwords to folders that are tagged as "Invited People Only" to increase the level of security on the content. I would like to create a folder that is shared only with invited people, and also add a password for the folder to ensure content is as secure as possible, e.g., pre-lease earnings reports, HR terminations, pending litigation, etc.
2 votes -
Wildcards for Allowedlisted domains
Allow for * wildcard domains for allowed domains on enterprise settings.
1 vote -
Watermarking only for downloads
Watermarking in the Box view is intrusive. Allow for water marking feature to be marked as an option for downloaded materials only.
3 votes -
Infinite redirects in SSO-enabled mode when a user's password expires
In SSO enabled mode, you can sign in with a password. When a user's password expires, they are forced to change their password. If you try to sign in with SSO in this situation, you will be redirected indefinitely and you will not be able to sign in.
In this case, Box should redirect to the password change page after accepting the authentication.
1 vote
- Don't see your idea?