Skip to content

Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

394 results found

  1. Require 12 characters for External Collaborator Passwords

    Currently, if 'Require Strong Passwords for External Collaborators' is selected, the external collaborator will be required to use at least 8 characters (along with additional criteria). The ask is to require 12 characters, rather than 8, for increased security.

    3 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  2. More possibilities regarding session timeout

    We find that the session timeout possibilities are somewhat limited. The jump from 2 days to 14 days is quite big - 2 days would log everyone out during each weekend, and would result in support tickets and 14 days are quite many. Something like 4 days inbetween would be great.

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  3. Custom User Role

    Currently under user role and access permission, we can only give a user "Member" or "Co-Admin" role.
    We would like the additional more granular role or provide us the ability to create custom role with checkboxes.
    Our goal is to have a new Role to allow a user to be able to maintain the Shields List for Email Address (Allow List for Email Addresses).

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  4. Allow users to see a list or report of links that -they have created-

    Allow users to see a list or report of links that -they have created- so that they can be requested to review any external links and clean them up to keep organizational data secure.

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  5. YubiKey - MFA option

    I'm wondering if Box would consider adding the YubiKey as an option for MFA - https://www.yubico.com/why-yubico/

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  6. Password reset is so laborioius

    You need to vastly improve the password reset experience. It takes me several minutes to set up a new password and I have to do this on multiple computers. For one thing, DON'T expire passwords. It doesn't improve security at all. Second, if you have to expire them, send me a warning a few days ahead of time. Don't just shut down my Box drive app. Third, I should be able to log in with my old PW and just reset there, maybe with a 2nd factor authentication, like a text message. Finally, the PW rules are too narrow. If…

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  7. Increase Password Reset Duration

    I would like to request admins have the ability to change the value for "Require users to reset passwords" to have "1 year" as an option.

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  8. Need multiple options for 2-factor authentication

    Please allow multiple options to receive a 2-factor authentication code. If I were to lose access to my cell phone or change the phone #, then I would be unable to receive a code via SMS and be locked out of Box.

    In addition, please ensure the options other than 2FA code via SMS actually are viable options. Right now, the authenticator option doesn't work - no QR code is generated by Box for me to scan with my phone. The e-mail option also doesn't work - I keep getting an error message that the default e-mail is invalid ...…

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  9. Ability to exclude service account from password reset requirements

    The ability to exclude Box Service Accounts email from required password reset by our enterprise. Our service account integrates with Salesforce and it breaks our connection when Box triggers a password reset.

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  10. Hardware security token for 2FA / MFA / Yubikey

    With the broader support of passkeys , I would like to suggest a phishing resistant WebAuthn based Authentication option for Box.

    This would open up future possibilites for convenient and secure FaceID/TouchID/Yubikey/etc authentication.

    Insurance companies are requesting it and I am sure all Box customers would benefit.

    3 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  11. Using Box with FTPS and MFA

    We would like to use automated scripts to upload files to Box using FTPS. We would also like MFA enabled for our internal users. Box has advised that:
    1. They do not provide service accounts to facilitate this
    2. They do not allow per-user control over MFA settings
    3. The process to login when MFA is enabled is manual and cannot be automated.
    4. FTPS only works with SMS MFA

    We would like the following product enhancements:
    1. Automated MFA Support: The ability for automated scripts to interact with MFA, perhaps through a secure token-based system or service account that…

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  12. Add permission to grant user access to see (list) of folders and files but not preview any content within the files.

    This would provide awareness to the user that a file exists and they can then request preview (or other) access from the owner/co-owner.

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  13. External user verification via TOTP for shared links

    Please consider adding a TOTP verification option for shared links. You could allow a link to be shared to an email address but require TOTP verification via that same email address. This would help verify that only someone with access to the email address we shared with can access the content without forcing them to signup for a free Box account.

    Thank you

    8 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  14. Closed folder structure

    "My Sign Requests", "My Canvases" and "My Signed Documents" folders are created as private folders technically by Box, without any admin intervention. When using a closed folder structure, these folders can still be used by users to build their own folder structures, as they become the owner of this folder. This counteracts the idea of a closed folder system and represents a massive security gap. Users can then build folder structures and content in our box instance without any control by the admin and share them with external users.

    These technically generated folders must therefore be restricted accordingly, or admins…

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  15. Hide older versions from certain collaborator levels

    When you share a file/folder with another user, no matter what permission level you give them they are able to see all older versions. It would be great if we could hide those from lower level collaborators like you can do with comments.

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  16. Folder-level access control

    Box needs folder-level access control so that you can assign a specific user access level to a specific folder and not have it inherit the "waterfall" (unwanted) access level. This has been an issue for many years.

    6 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  17. Create Annotations/Markups with Viewer Role with Watermarking Enabled

    When Watermarking is NOT enabled on files/folders, users with the Viewer permission are able to markup/annotate without downloading the file. As soon as Watermarking is turned on, that functionality goes away. The only option is to increase their permissions, which gives them rights to upload, which I do not want. Why does this functionality go away when Watermarking is enabled? Is this able to be fixed?

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  18. MFA self reset up

    Currently, when a user get locked out from their own account when the MFA is turned on, they need to contact Box support team to get it usable again.
    It would be great if users can self reset from the login screen without submitting a support ticket.

    4 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  19. Leverage the External Identity providers like OKTA to securely access the Box API’s.

    Context : Allow box subscription tenants to leverage the External Identity providers like OKTA to securely access the Box API’s.

    Use case: Tenants like us want to centralize the access to the APIs to our external vendors partners and internal teams. It is always beneficial to centralize the access using OKTA like OAUTH 2.0 providers and move to zero trust.

    1 vote
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  20. Make editing password protected shared links clearer

    When a shared link to document or folder is already password protected, and a user wishes to change the password, the password screen should be clearer as to how this is accomplished - possibly by an additional Change button or Confirm Changes

    Currently this is unclear

    2 votes
    0 comments  ·  Security  ·  Admin →
    How important is this to you?
  • Don't see your idea?

Help shape the future of Box

Categories

Feedback and Knowledge Base