http://store.neocodesoftware.

com

Securing Your FileMaker 7+ Database
For brevity and focus, this document assumes you’ve designed a secure database using FileMaker’s Accounts & Privileges. For more information on designing a secure FileMaker database, consult FileMaker support documentation or hire a certified FileMaker Developer/Consultant. The following items should be considered absolute minimum procedures for any FileMaker file (hosted or otherwise).
  

Secure the Admin account with a password. Disable the Guest account. Disable the “Login Using Account” File Option.

Secure the Admin account with a password
By default, each new FileMaker database is created with an ‘Admin’ account. This automatically generated ‘Admin’ account will have full access to the database and will not have a password. At a minimum, you must give this account a secure password. 1. Open Accounts & Privileges

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com 2. Open the Admin account.
2.1. Double click the Admin account.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com 3. Enter a Password
3.1. For optimal security, adhere to as many of the following criteria as possible:
     the use of both upper- and lower-case letters (case sensitivity) inclusion of one or more numerical digits inclusion of special characters prohibition of words found in a dictionary or the user's personal information prohibition of passwords that match the format of calendar dates, license plate numbers, or other common numbers

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com
3.2. Click ‘OK’.

4. Close Accounts & Privileges
4.1. On the ‘Manage Accounts & Privileges’ dialog, click ‘OK’

4.2. Verify that you know the Master Password by re-entering the Admin password & clicking ‘OK’.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com

Disable the Guest account
By default, the ‘Guest’ account is usually disabled; unless you’ve designed your permission structure to use the ‘Guest’ account, it’s always a good idea to verify the ‘Guest’ account before hosting your FileMaker database.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com 1. Open Accounts & Privileges

5. De-activate the ‘Guest’ Account.
5.1. Here the ‘Guest’ account is enabled.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com

5.2. Disable the ‘Guest’ account by unchecking the box in the ‘Active’ column.

6. Close ‘Manage Accounts & Privileges’
6.1. On the ‘Manage Accounts & Privileges’ dialog, click ‘OK’

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com

6.2. Verify that you know the Master Password by re-entering the Admin password & clicking ‘OK’.

Disable the “Login Using Account” File Option.
A file should only automatically open with a ‘limited access’ account when all security risks have been considered and accounted for. The steps below show how to deactivate the ‘Log in using’ feature.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com 1. Open File Options

7. Disable the ‘Log in Using Account’ settings.
7.1. In this case, the file has been defined to open with a default Account/Password. NOTE: this is not a recommended practice for local or hosted databases.

Contents Copyright Neo Code Software 2009

http://store.neocodesoftware.com

7.2. Secure the database by clearing the “Log in using’ checkbox and then click ‘OK’.

Contents Copyright Neo Code Software 2009

Sign up to vote on this title
UsefulNot useful