Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
38 results found
-
94 votes
-
73 votes
Read more about this feature here: https://blog.box.com/enterprise-security-two-factor-authentication-external-users
-
Set Classification at a folder level and have files inherit that Classification
Folder level Classification - ability to assign a classification at the folder level so that any file that hits the folder or sub-folders will inherit that classification.
49 votes -
48 votes
We delivered support for TOTP as the second factor earlier this year.
-
External 2FA - use email instead of SMS
2FA for external users - have the option to have the second factor email instead of text. Or give the option for either text or email.
46 votesThis feature is available. Let us know if you need more details on enablement.
-
IP whitelisting (Web App only) for BoxNotes
We have heard that IP whitelisting with Web App only cannot control BoxNotes.
Could you improve IP whitelisting as you can control BoxNotes with Web App only?40 votes -
Open Shared Link Controls: 'Auto-Expiration' to Only Impact Open Links ('People with the link' links)
Currently, the Auto-Expiration setting for Shared Links, if enabled, applies to ALL shared links regardless of whether they're set to people with the link, people in your company, or people in the folder.
28 votesYou can control Auto-expiration separately for open shared links.
-
Ability to do a OR condition check between certificates and windows domain check in the Device Ownership requirement
Employees will have company provided laptops which will be on SE domains. Contractors or Bring your Own laptop crowd will receive security certificate through MDM solution and they would be able to access Box based on that. Pushing the certificate to all internal 100K+ laptops is a technical challenge.
22 votes -
Proper 2-factor authentication with TOTP not SMS
Using SMS for 2-factor authentication is oudated and insecure. Using TOTP is an industry standard and should be implemented.
20 votesThis feature is now available: https://support.box.com/hc/en-us/articles/360059934154-TOTP-support-for-MFA
-
16 votes
This feature is available. You can find more details on the API specs here: https://developer.box.com/reference/post-users-terminate-sessions/
-
can not preview the file in the open link folder when the watermark and password are set
can not preview the file in the open link folder the following settings
・Watermarking :on
・Password : setRequest:Improvement of the above issue
12 votesWe have delivered vector based watermarking, that solves this issue. https://support.box.com/hc/en-us/articles/4403555547795-Dynamic-multi-layered-watermarking
-
8 votes
-
8 votes
-
Maintain resolution of watermarked content.
Both previewed/downloaded watermarked files are difficult to view due to resolution degradation
7 votesWith the vector watermarking feature, the resolution of watermarked content can now scale infinitely.
-
Allow administrative "As-User' calls to bypass steps that require user intervention, such as accepting Custom Terms of Service.
As-User calls made by an admin, on behalf of the user, should not require any end user interaction to work. This supports API driven administration prior to making Box available to end users, which is common when deploying at scale or performing data migrations.
In particular, non-acceptance of Custom Terms of Service and Uncompleted Email Verification currently cause such calls to fail until the end user takes action to complete them.
makes the migration process overly complex.7 votesGreat feedback. Currently, there is no Email Verification required today for app users, and we do have a Terms of Service API: developer.box.com/reference#terms-of-service-object
-
MFA
MFA only supports SMS method which is very inconvenience and insecure! Hope you guys can support token-based methods soon. Thanks
6 votesBox supports TOTP.
-
Additional Device Trust granularity
We would like to do an ownership check (domain or cert presence) for certain groups of users but not ALL users. We would like variability by user/group: e.g. users to touch tax documents must work on company-owned device, while most employees must have non-ownership checks (like disk encryption).
6 votesThis capability has been released. Feel free to reach out to us if you need further details on enablement.
-
Watermarked PDFs should remain searchable
When downloading a watermarked PDF, users lose the ability to search content of the file. It appears Box is converting the file to an image on download. Text should still remain searchable
5 votesWith vector watermarking, we can now search through documents.
-
Multi-Factor Authentication for SSO required
We would like to be able to issue Multi-Factor Authentication (MFA) in addition to SSO required and for specific groups like external collaborators, contractors, and remote employees
5 votesThe option to require 2FA for external collaborators has been delivered earlier this year. This feature, while independent from the SSO configuration should answer to the original ask.
-
Improve Certificate Checking & Rotation Process
Proper certificate hygiene includes frequent rotation of certificates. In a large fleet of devices this may not be something that can be done instantly, so there should be a more flexible way to define what is trusted other than a single cert.
A generic cert can easily be copied from one device to another allowing a clever use to spoof the check on an unmanaged device.
5 votesIn April we released support for unique per device and have updated our cert validation mechanism to be more robust.
- Don't see your idea?