While administrators and managers shall be able see on a per-campaign-basis the percentage of tests which failed and trainings which were begun/finished - they must not see the individual results of each users.
The users must not be displayed in clear text, only anonymized/pseudonomized.
Access to this individual information must only be accessible either using 4-eyes-principle authentication for this information or by creating a special administrator role which may see this kind of personally identifiable information.

Can it please be considered for customers to have the ability to upload their own training documents or videos? Or modify the exiting training documents?

Customers might like to add their own training material into the Phish Threat site so it's more in line with their company. Would you please consider this or would we be reluctant to do so as we have some sort of duty to ensure the training is of sufficient quality and that covers the security topic well enough?

We would like to be able to let the user know that they have made a mistake by opening the attachment on the attachment campaign but we do not want them to be enrolled in training as it is too Americanised for us and we already have our own cyber security training.

Is there a way to send them the caught page with no training, or send them the caught page and add our own training.

We performed thorough testing during our trial phase of Phish Threat. Now our dashboard and reports are skewed, due to the test campaigns we ran. The ability to delete or clear data, so you can begin fresh would be great.

Add ability to add domains.

For example if I registered sophsos.com, I would like to be able to add it to my Phish Threat account and use it for a campaign.

I would like the ability to add a group of users to a new campaign from the campaign results screen.

The idea would be to look at the employee data from one campaign and take all of the users that failed and add them to another campaign in one fell swoop. That way we can target users that failed with another campaign soon after.

It would be helpful to have the ability to edit an exisitng campain so that you can rename it, maybe add more users etc.

To access Phish Threat, a user has to be granted Admin role. I would like more granual control over roles and permissions, so i can give the ownership of Phish Threat to someone without giving them access to everything else - Encryption, Endpoint Protection, Email Gateway, etc.

Ability to choose at which step users will be automatically enrolled in the training. A user opening the email should already be enrolled so It would be great if we can choose the training enrollment trigger.

It would be great to have a way to set up automated/scheduled reports to be emailed.
This feature would allow us to easily provide reports to our management team and compliance officers on a consistent schedule without having to tie up an administrators time pulling reports, exporting them and compiling them into email.

I would like to be able to send reminders for an outstanding campaign. The initially scheduled reminders were not completely effective in getting all participants to complete the training (in fact, just over 50% completed training, with 6 reminder emails sent!). I would like to be able to send reminders for all of those who have not completed training, at the push of a button. As I've requested previously, I'd also like to be able to inform managers of status of their employees at the push of a (different) button.

It would be nice if we could specify our normal business hours under General Settings or for a specific campaign so that emails would only be sent out during that time frame. We're finding that some users are not seeing emails due to sending out at odd hours.

As SaaS Provider of Phish Threat, they would like to share the same customized attack mail template between multiple tenants. Therefore, export/import feature is necessary for avoiding customizing per each tenant.

Currently, it appears you are only allowed to choose 1 training for a training campaign. For us, it is a requirement to assign multiple videos/training to users. For example, we would like to assign both "Intro to Phishing and Password Overview" to all users in our organization to meet policy requirements. However, it is cumbersome and confusing to users if we assign multiple campaigns. Users then get multiple emails. Please introduce the feature to assign multiple training for one campaign.

Currently, depending on the campaign type, the user fails the campaign when they do the action the campaign is testing. It would be nice to be able to manually fail users in a campaign. For example, if I ran a credentials harvesting campaign and a user clicks the link but doesn't enter their credentials. The system wont mark them as fail. However, in our opinion that is a failure. I would like to be able to manually mark the user as failed the campaign.

It would be neat if we could tell PT to send managers a summary of any active campaigns (e.g. once per week) so they know who of their employees is enrolled, and whether they have passed/failed the campaign or quiz.