Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Show the password when typing to avoid typo's

    Add an option for the user to see the password they are typing to avoid typos when sending to the client. At the moment, there is no option to see what you have typed until the client is telling you that the password doesnt work. Especially with caps, symbols etc.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Co-Owner should be able to confirm the destination of the file (or the user who operated it)./Co-ownerにもファイルの移動先(あるいは、操作したユーザー)確認をできるようにしてほし

    We know that if we want to know where a folder has been moved to, we can ask the administrator to output it from the report.
    However, We would like the Co-owner to be able to check the destination of the file (or the user who operated it) in case of urgency.

    (In Japanese)
    フォルダの移動先を知りたい場合、管理者に問い合わせる事でレポートから出力する事が可能である事ですが
    急ぐ場合にCo-ownerにもファイルの移動先(あるいは、操作したユーザー)確認をできるようにしてほしいです。

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2fa

    Title: 2FA – Session Level NOT Machine Level

    Category: 2FA

    Idea:

    After enabling 2FA:

    Steps followed:

    Quit Safari (v14.0.3) (Cmd+Q)

    Launch Safari

    Navigate to account.box.com/login

    Login without 2FA (2FA enabled)

    As a separate test, I also removed my Safari session from Box security, quit Safari (Cmd+Q), opened Safari and was able to login without a 2FA credential.

    When a user removes an active session (or saved login location), any new login attempts should be seen as a new computer, and thus prompt for the credentials setup by the user logging in.

    I was able to get Box to prompt for…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Wildcards for Allowedlisted domains

    Allow for * wildcard domains for allowed domains on enterprise settings.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Two factor authentication as standard for business customers

    Two factor authentication is the standard for securing accounts. I was therefore surprised to learn that enforcing two factor authentication on the business subscription package is not an option. Requiring two factor authentication is only available on the top enterprise price plans.

    This is disappointing, as it means businesses customers who use Box, their staff can bypass any requirement to use two factor authentication. It increases the risk of a breach of company data due to a bad password practices by an employee, like using the same password across many different services. Without two factor authentication the company data is…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. 2 factor authentication

    Just been chatting with the support guys ... When turning on 2FA, the first log in prompts for the auth code. However, every login after that drops back to just asking for username/password. (unless you clear your browser down every time !)

    for 2fa to be effective, the system should ask for the auth code at every login otherwise there is no point in enabling it.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Change configuration shared links - expiration policy

    Currently it is possible to configure an expiry policy for shared links for a period of up to 10 years, the logic in which this option is programmed is contradictory in itself.

    Once this policy is implemented from the administration console, expecting that links can be removed/expired after a certain period of time in order to have more control and security over the shared content the end user can simply remove this setting (expiry policy) at the time they are creating their shared link.

    The end user is practically overwriting the configuration at the environment admin level.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Shared Link Password Policy

    Much like the default link expiry policy we would also like one specific to forcing passwords for shared links and preferably being able to define that policy with minimum characters and complexity.

    Bonus would be passwords that are auto-generated and viewable by the creator of the shared links to minimize the need for external tools.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Infinite redirects in SSO-enabled mode when a user's password expires

    In SSO enabled mode, you can sign in with a password. When a user's password expires, they are forced to change their password. If you try to sign in with SSO in this situation, you will be redirected indefinitely and you will not be able to sign in.

    In this case, Box should redirect to the password change page after accepting the authentication.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Set "SSO Required"/"SSO Enabled" for each user

    The current "SSO Required" is for all managed users.
    When creating "administrator user and general user" as a managed user, there are the following problems.
    -It is necessary to create an administrator user ID on the IdP side.
    -When accessing as an administrative user, it takes time and effort to log in from the IdP and access Box.
    -A license fee will also be charged on the IdP side.

    If we can set "SSO required" and "SSO enabled" for each user, the problem will be solved.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Copy All Folder Settings when copying a Folder

    When copying a folder, all folder settings should be copied over as well (or have the option to do so). As is, some settings do copy over while others don't. For example:

    Can Copy: Restrict Collaboration to within ETF, Disable Commenting, Shared Link Access, Watermarking, Uploading (Overwrite files) and Email notifications
    Won't Copy: Only Folder owners and co-owners can send collab invites, Hide Collaborators, Allow Uploads to this folder

    This would be especially useful when copying a template folder with a folder structure that needs the same settings when copied for a new project/customer/etc.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Smart Access Behavior/スマートアクセスの挙動について

    Smart Access Behavior

    >>>[Restrict managed users] > [Restrict all users except owner/co-owner] is selected, editors and viewers will not be able to move and copy operations.

    >>>Restrict managed users > Restrict all users except owner/co-owner and editors is selected, you will not be able to copy the viewer.

    When using the above Box classification and Shield features (access policy), the settings will be applied to files but not to folders, even if they are set.

    When a user with editor privileges copies a folder, all copies are made.
    I can copy and move folders, but I can't download the files…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Timed logout out option with inactivity

    Would like to elect to have a timed log out option. For example if you set 10minutes or 1hr of inactivity you would be automatically logged out like a banking website.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Proper 2-factor authentication with TOTP not SMS

    Using SMS for 2-factor authentication is oudated and insecure. Using TOTP is an industry standard and should be implemented.

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    on roadmap  ·  5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Password Protect Folders Designated as "Invited People Only" Collaborators

    I would like to add passwords to folders that are tagged as "Invited People Only" to increase the level of security on the content. I would like to create a folder that is shared only with invited people, and also add a password for the folder to ensure content is as secure as possible, e.g., pre-lease earnings reports, HR terminations, pending litigation, etc.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. According to BOX, this is what is being Watermarked “For App Users, it is their user id and current timestamp. The default watermark cannot

    According to BOX, this is what is being Watermarked “For App Users, it is their user id and current timestamp. The default watermark cannot be customized at this time.”
    Right now the Watermark is their “USER ID”, and we need it to be their USER NAME or NAME.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Independent back-up of files in box

    In allot of professions, regulatory requirements require for us to have an independent back up of the files. With today's increased ransomware where they freeze your files, having an independent back-up is a great idea. I propose for Box to have all the files backed-up to a third location where its stored for access if needed. What happens if someone deletes a file by mistake or get all the files deleted. Having a site as back up will be a great idea. Filed could be backed up once a week. And I can tell you I will pay extra for…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Two-factor authentication with authenticator apps

    It should be possible for 2FA login to be via an authenticator app as opposed to SMS. This is arguably more secure and more convenient and something competitors offer.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Device Trust documentation and error message should explicitly describe encryption requirements for external drives

    The Device Trust message is misleading as it states “All internal disks must be encrypted” when it should state “All disks must be encrypted”. In addition, the language under Setting-Up-Device-Trust-Security-Requirements here https://support.box.com/hc/en-us/articles/360044194993 states "Require all disks to be encrypted: Helps protect against data loss by requiring disk encryption software" but it only describes in detail internal disk encryption. It would be helpful if it stated here that all external disks must also be encrpyted.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 15 16
  • Don't see your idea?

Feedback and Knowledge Base