Skip to content

Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

375 results found

  1. Hardware security token for 2FA / MFA / Yubikey

    With the broader support of passkeys , I would like to suggest a phishing resistant WebAuthn based Authentication option for Box.

    This would open up future possibilites for convenient and secure FaceID/TouchID/Yubikey/etc authentication.

    Insurance companies are requesting it and I am sure all Box customers would benefit.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. MFA self reset up

    Currently, when a user get locked out from their own account when the MFA is turned on, they need to contact Box support team to get it usable again.
    It would be great if users can self reset from the login screen without submitting a support ticket.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Allow exceptions for users/groups when setting shared link expiration at org level

    We have auto-expiry and prevent users from modifying the expiration. We want to allow exceptions to either user/group/specific folder so we could have permanent links for storing files for web or other projects.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Ability of business to enable/disable password protection of documents/folders function

    The functionality allowing users to password protect documents and folders, should be manageable at the top level, as this function may cause problems with managing content if over used by users.

    A simple enable/disable toggle for each group of users (Previewer, Editor etc) - so that users may/may not have the ability to password protect documents/folders depending on their permissions in particular locations

    Admin Console - reporting locations and details of password protected documents and folders

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Remove password protection without losing shared link

    It should be possible to remove password protection from document or folder, WITHOUT removing/losing the shared link itself

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Confirmation of document file protection password on setup

    When setting up a password to protect a document or folder, the window to enter password on, should have a second box to re-enter the password, to avoid setting passwords incorrectly

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. MFA option to be TOTP or SMS or Email

    When the MFA option is released currently the option is:
    1. TOTP
    2. TOTP or SMS or Email.

    Can you make it a check list so we can enable the one we want?
    For example, I only want TOTP and SMS.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Multiple IDP Support for Login

    While Box Supports Multiple IDP connections to a single tenant, it is not possible without the tenant to provide a landing page for login. This is something that multiple other providers already support, and asking the customer to supply their own login page to access Box from multiple IDPs hurts both Box and the customer.

    This hurts Box because instead of creating managed and secure users, I now need to juggle 3rd party users and treat them as guests rather than full users. ($)

    This hurts customers by not allowing us to administer policies easily for end users as a…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Allow setting passwords on folders

    Setting passwords on files is good, but we should be able to set passwords on folders (at any level of a folder structure). The ability to set passwords on folders should be limited to owners and co-owners.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. malwarebytes

    One of the restrictions you can place on Box sign-ins is verifying appropriate antivirus is in place. For the Mac side, Malwarebytes is not one of the allowed antivirus solutions, but it is what we have deployed at our company. Please add Malwarebytes to the allowed list of antivirus solutions on the Mac.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Use Box (cloud, not drive) as browser's download location

    I need a solution for preventing files downloaded from the web from being saved directly to my device. This puts sensitive client information on the device and requires me to delete the file after uploading it to Box, and hackers can still find information on a hard drive that has been "deleted". It would be much more secure if I could select Box as the browser's location where all downloads are stored. It seems this should be possible with Box's browser extension.

    Box Drive is not an acceptable solution for this since it is just as accessible as all the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Forensic watermarketing

    Teams with highly sensitive embargoed (pre-release) assets really needs this in order to track exactly who leaked sensitive data without the leaker knowing they're being tracked (e.g. the blue is a slightly different blue for everyone who downloads, or the text is a slightly different gray for everyone who downloads).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Separate Allow and Block Lists for both Inbound and Outbound Collaboration

    With regards to external collaboration, one can either enable external collaboration with any external domain (for both inbound and outbound collaboration), or one can specify an allow list of external domains for both inbound and outbound collaboration. We have different requirements with regards to inbound and outbound collaboration.

    As such, we would like fine-grained control over both inbound and outbound collaboration domains. We may want a block list of inbound collaboration while having an allow list for outbound collaboration (or vice versa.)

    Definitions:
    Inbound collaboration: an collaboration invite from one's own Box tenant to an external, unmanaged account
    Outbound collaboration:…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Restrict access to Box from certain countries

    Can you add feature in Shield where you can allow admin to restrict access to box from certain countries?

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Restriction of the link icon for specific folders

    There have been cases of employees accidentally clicking the link icon for "Create and copy a shared link" while working on the web site.

    In order to prevent such cases, is it possible to implement a function to enable or disable the link icon for specific folders on Box?
    I would like to have a function that can be set for each folder.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Real time alert if user accesses Box from a new location/device

    Currently we get a Daily Login Activity report. This is a daily report and most important piece of information on it is report of new logins with information like user, device, time, and IP address..

    Unfortunately this is daily and can only be on or off.

    Requesting the ability to enable real time notification instead of the daily.
    As it relates to security, immediate notification is critical for unauthorized access.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Real time alert if user accesses Box from a new location/device

    Currently we get a Daily Login Activity report. This is a daily report and most important piece of information on it is report of new logins with information like user, device, time, and IP address..

    Unfortunately this is daily and can only be on or off.

    Requesting the ability to enable real time notification instead of the daily.
    As it relates to security, immediate notification is critical for unauthorized access.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Box to prompt for a large data or folder deletion.

    Box to prompt when a user is trying to delete more than X amount of data. OR Y amount of files from Box. Box to ask user to type something specific like “confirm”, “delete” or their email address in order to proceed with the file deletion.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Deleting all active shared links in bulk

    I want to delete all the active shared links within our Company but the only way to do this is sending a report to each user for them to do themselves. As admin I would like to be able to do this every for example 3 months. This would help keep information secure by not having lots of shared links that have been forgotten about active,

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Check the details of SSO for external collaborators

    We can require 2-FA for external collaborators, but for external collaborators using SSO, Box does not check for whether users pass multi-factor authentication.
Please add the ability what kind of authentications(ID/Pass, MFA, Device check, IP address limitation, etc) does external collaborators passed on SSO.

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base