Skip to main content
Enterprise settings define how Box works in your enterprise, and the settings in the Security tab define settings for security and access to Box. This topic contains the following sections:

​
Signup and Login

This section allows you to set up options for managed users to create accounts and sign in.

​
Multi-Factor Authentication

This section allows you to define requirements for multi-factor authentication (MFA) and 2-factor authentication (2FA), or 2-step verification, for managed users and external users who login with a username and password. (This MFA setting is not available if you use single sign-on (SSO) because in that case, multi-factor authentication is configured by your SSO provider.)

​
Managed Users

​
External Collaborators

​
Password Requirements

This section allows you to define password requirements.
NoteIf your enterprise account is SSO-enabled, these password settings apply to a user’s external “Box-specific password,” not the user’s SSO password. This is also where you can require strong passwords for external collaborators.
Note:If your organization has SSO (single sign-on) enabled, but not required, external collaborators who are informed that they must use a strong password must still update that password to access shared content.

​
Session Duration for All Users

NoteSession duration settings apply only to the Box web application. Any session duration limits set here do not apply to users accessing Box through any other Box endpoints (for example, Box mobile applications, Box desktop applications, Box Notes, etc.).

​
KeySafe

This section is visible only if your organization has added KeySafe to your Box service and if it has been configured by Box Support.