Remove External Password once Done
I would love to see the ability to remove/disable the External password after it has been used. We have many users who only need it once or twice for something niche, but once it's set you can't undo it meaning they're stuck rotating that password every 90 days, forever, despite us being on SSO.
Disabling this closes a login method that's no longer needed which is overall more secure, and removes a large inconvenience.
-
AdminJacques (Product Manager, Box) commented
Thank you for the feedback.
Even with SSO required for your organization, external passwords are still necessary to login to Box for FTP, WebDav or some 3rd party applications. Therefore a general setting (at the enterprise level) to disable these external passwords might have serious usability implications.
However, if you have a list of users that don't need such functionalities and should not be prompted to reset their password, I encourage you to contact product support to fix the issue.
Regards,