Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 2FA support in Czech Republic

    2FA is available in most countries, even by sms it is serious security improvement, Box already knows and uses 2FA anyway

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Proper 2-factor authentication with TOTP not SMS

    Using SMS for 2-factor authentication is oudated and insecure. Using TOTP is an industry standard and should be implemented.

    6 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    on roadmap  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. bulk manage Shared Links

    Provide a way for all shared links in an account to have their permission levels / access levels / expiry dates modified in bulk, rather than having to change each one individually which is extremely time consuming for large doc sets.

    115 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  16 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Upgrade from reCAPTCHA v2 to reCAPTCHA v3

    The pictures shown in reCAPTCHA v2 like traffic lights and crosswalks are vague, leading many users to fail to log in.
    As a result they would like Box to use reCAPTCHA v3 instead.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Device Pinning, "Last Check-In"

    instead of "install time" for device pinning, the customer would like to see "Last check in".

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. SSO exception

    Ability to have exceptions for SSO for specific amdin accounts/test users. Use case: there's a series of admin accounts we use that own folders/content in Box but aren't actual users. Now when we want to turn on SSO - we now have to have OKTA accounts for those accounts and test users, when we'd prefer to just do Box 2FA for those vs. SSO enabled for all

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add more details in device trust logs

    If device trust is checking for a setting (for example OS version), then the logs should show the actual version detected. This should be for every setting Box enables you to validate. It should also have more detail about the login attempt (hostname (not just IP address), OS, Box Drive vs Box web vs etc).

    Further there should be a new event in the logs, DEVICETRUSTCHECKPASSED, with similar details so that we know the check happened and what values Box found when authorizing the device. Only having DEVICETRUSTCHECKFAILED provides no audit trail for showing…

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Send a "here's how your items are shared" report to each user periodically

    One of the most common sources of security breaches is due to a user inadvertently sharing an item more broadly or for longer than they intended.

    A simple way to help limit those sorts of security breaches would be for Box to email every user a report periodically (configurable by the admin, but roughly monthly) that said "Here's how everything you own is shared with other people, and here's a link to the KB article that'll tell you how to fix it if it's not what you want", then showed a report of their folders, files, and shared links, with…

    70 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Create exceptions for auto-expiration of sharing and external collaborators

    We have auto-expiration on file sharing but often need to share files with external collaborators for an indefinite amount of time. We can't keep re-sharing the file. Same for external collaborators - we have auto-expiration but we can't keep re-sharing folders with them.

    6 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Get details on shared link without owner

    Airbnb and other companies when going through a large
    deprovision of accounts run into issues where someone shares a link of the file after the owner is
    no longer there and the collaboration is removed. But with just the file link, there is no way for the admin to get anymore details on the file.

    The feature request is the ability to get more details on a file through the link.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Box lock security

    We just discovered that a user with viewer-uploader permissions can unlock files which our team believes is an unacceptable security flaw. The viewer-uploader level of security is required for a user to create a folder within a folder that we have granted them access to, but other than that level of editing our external invited partners should not have the ability to manage a security feature such as unlocking a file or folder.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Authy 2 Factor Authentication.

    Include Vietnam in 2-FA or remove it from the list of countries in the menu when trying to add 2FA.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. True Client IP vs Accelerator IP in Audit Logs

    To improve download speeds, Box automatically leverages "accelerator" hosts on various cloud/hosting providers around the world. When this happens, the "client IP address" recorded in the audit logs is the accelerator IP address, and not the true endpoint IP address. This results in false positives in "impossible travel" analytics, and could result in false negatives. We request that the audit logs be enhanced to capture the true client IP and accelerator IP (where applicable) as separate fields in the logs.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. External 2FA - use email instead of SMS

    2FA for external users - have the option to have the second factor email instead of text. Or give the option for either text or email.

    23 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  7 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. "File Request Link" report similar to the "Shared Link" report

    Would like Org level report on what folders have "File Request Links" very similar to the "Shared Link" report. We need to report on what folders are shared publicly.

    29 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow SSO users to remove their external password again

    Since I as a user can set up an external password for my SSO account, I'd like to also be able to remove that external password when I no longer need it. This a) removes an unnecessary login method and therefore improves security and b) alleviates the need for me to regularly change a password I no longer have any use for.

    Currently this requires going through Box support (and potentially an enterprise's own internal support hierarchy before that, as in my case), whereas it could also be a simple link/button next to the "Change Password" link in my account…

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Hardware security option for Login

    So far there is no option of hardware security, like Yubico/ Yubikey or similar security keys that require physical identification (I have just checked with your service). SMS code/confirmation is a poor alternative. Please consider option to use USB computer security keys (Dropbox has it, so stay in line with competion, as you are much better!) https://www.yubico.com/works-with-yubikey/join/

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Cylance

    Please add Cylance to the list of Antivirus vendors as part of the Box Device Trust settings!

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Set default permission to Previewer

    We would like the ability to set the default permission to Previewer. Most users are not changing the default permission we have setup when sharing. Being able to set the default permission to Previewer helps us manage security even better.

    3 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Can we get a report that shows WHY a device failed Device Trust?

    Can we get a report that shows WHY a device failed Device Trust?

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 14 15
  • Don't see your idea?

Feedback and Knowledge Base