Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
375 results found
-
Make 2FA by e-mail work for the accessible-site
Make 2FA by e-mail work for the accessible-site
1 vote -
Password updates
Login passwords currerntly enforce unnecessary format restrictions that are hindering the use of password generators. Characters < > cannot be used, and there also is a requiement to include at least two digits. Most hashing password generators use all printable characters (as they should), and ensure only the occurrence, but not the quantity, of character classes, i.e. 1 of each printable chartacter classes (uppercase, lowercase, numeric, special).
Suggestion: allowing all printable characters and only requiring a minimum of 1 character from each intended class (occirrence only) would make Box login passwords compliant with the vast majority of hashing password generators…
1 vote -
Whitelist domains on External Collab folders
We want the ability to be able to whitelist a domain on a specific folder for users for users of a business, within our External Collaboration folder which we use for our clients. EG, if the folder is to be collaborated with by our client "Acme", eg then:
FOLDER: External Collaboration > Customer > ACME
ACME Folder: Whitelist domain acme.com
1 vote -
Department of Defense (DoD) impact level 5
Department of Defense (DoD) impact level 5
1 vote -
Yubikey integration with Box MFA without SSO
Yubikey integration with Box MFA without SSO
1 vote -
Box Virus Scan turned on by default
Box Virus Scan turned on by default
1 vote -
Restrict access to Box from certain countries
Can you add feature in Shield where you can allow admin to restrict access to box from certain countries?
5 votes -
2FA - Option to select SMS or Email as opposed to both
Hi all,
We would like to have the option to select SMS as a 2FA method without having to have email as an option.
Back in April last year Box introduced the option to have email as a 2FA Method. Unfortunately we can’t have Authenticator app and SMS but no email as a setting. Either it’s Authenticator app only or we have to enable emails too.
On productions we go for the Authenticator app as that’s the most secure option, but one of our subsidiaries would like to give the option for SMS too.
Enabling emails is a major security…
3 votes -
password reset scheduling during holidays
I am writing to request consideration of scheduling password changes to avoid peak vacation times. As a citizen developer, I do not have a dedicated team to manage these changes and it can be difficult to find time to complete the updates while also taking time off for vacation.
I understand the importance of regularly updating passwords for security purposes, but I believe that scheduling these updates during times when fewer people are likely to be on vacation would minimize disruptions and make it easier for everyone to stay on top of this important task.
1 vote -
"Remember me" added to login
The need to constantly log in multiple times throughout the day when using Box.com is just absolutely an awful experience. This is especially true with integrations. Every time I close a browser window and then click a link, I have to log in again. We use Box as a source for all of our content for an agency so the number of logins is high. And when we receive a link to a piece of content, we have to click "Go to my account" to log in again, which takes us to the homepage, forcing us to click the link…
1 vote -
MFA option to be TOTP or SMS or Email
When the MFA option is released currently the option is:
1. TOTP
2. TOTP or SMS or Email.Can you make it a check list so we can enable the one we want?
For example, I only want TOTP and SMS.7 votes -
Enable option to turn on Optimal Character Recognition (OCR) for all documents
Enable option to turn on Optimal Character Recognition (OCR) for all documents.
This is important for Search and Data Leakage Prevention (DLP)/Ethical Walls.
E.g. a Driver's License, Passport, etc. image gets uploaded, then Box DLP doesn't recognize this today.
3 votes -
Add collaborators automatically upon request from who wants the access.
When a new collaborator is identified but not added as a collaborator yet, he/she needs to wait until permission. To reduce this idol time, automatically permit access first upon request. Check the collaborators afterwards if required. Existing folder collaborators can designate the folder that needs this function.
1 vote -
Provide easier ways to extend collaboration expiration
Similar to the existing post below but the request is a bit different.
https://pulse.box.com/forums/909778-help-shape-the-future-of-box/suggestions/36108211-bulk-extend-collaboration-shared-link-expirationWe have folders where there are over 100 collaborators to extend on a certain cadence and need to click the "clock" button over 100 times, which obviously is so painful. We would like to have the ability to click "checkbox" to select collaborators to extend and update them in one shot.
2 votes -
Enable 2FA renewal requirement options for external collaborators
Background:
2FA for external collaborators does not require a re-2FA. The only way an external person will have to re-2FA is if they switch browsers or clear cache/history. I have an external user that set up 2FA in November of 2021 that hasn’t had to re-2FA to our box environment since. It has been so long that she didn’t even remember setting it up (it is Aug ’22 now). The current box 2FA implementation effectively moves the security away from box and on to the end user’s device / environment. Being external partners, we have no insight into how secure…7 votes -
The option to separate file and folder permissions for a specific folder tree.
We have a folder structure that we use for our external partners where each external entity has their own subfolder. Our internal user community needs Editor permission to manage the files – move, delete, and rename but that gives them the ability to accidentally drag one external partner’s folder into a direct competitor’s folder. This would be a disaster. If I could give our internal users File-Editor and Folder-Viewer Uploader permissions the likelihood of the above mistake would drop significantly.
1 vote -
Greater flexibility in watermarking configuration
Based on our documentation:
Rasterized watermarking only (default) - Provides increased security, but no resolution scaling, no searchability, no clickable links, a moderate file size overhead, and reduced usability. This watermark type can't be removed without damaging the underlying content.Customers that want to follow a higher level of security protocol when watermarking files currently have to choose which approach is more important at an EID level.
Watermarking configuration should have greater flexibility so that the choice of rasterized or vector based watermarking is done at either a folder level OR via the shield policy assignment OR both.
This provides…
1 vote -
Automatic actions based on alerts
We would like to be able to set automated actions based on alerts. For example if Box detects anomalous download with a risk score higher than e.g. 60 or a set threshold of number of files, the user’s account will be locked to stop further downloads.
A message should then be sent to the user and IT admin that it has been locked due to anomalous download detection. Then IT need to do a investigate and take action, or reactivate the account if it is a false positive.
The pain point of not having this option is that the current…
1 vote -
Check the details of SSO for external collaborators
We can require 2-FA for external collaborators, but for external collaborators using SSO, Box does not check for whether users pass multi-factor authentication. Please add the ability what kind of authentications(ID/Pass, MFA, Device check, IP address limitation, etc) does external collaborators passed on SSO.
20 votes -
Need guest authentication by own AzureAD for external collaborators
We can require 2-FA for external users, but it’s not enough security level to some customers. So, please add the ability to require guest authentication by own AzureAD for external collaborators.
19 votes
- Don't see your idea?