FileMaker 14 Platform Brings New Security Features

The newly released FileMaker 14 Platform contains a number of security enhancements, at least one of which has significant potential to strengthen Platform security and to close a significant vulnerability.

For many years users of FileMaker Pro on the Macintosh OS platform have been able to save database credentials in the Macintosh KeyChain.  And with the advent of Windows 7, FileMaker Pro users have also been able to save credentials in the Windows Credentials Manager. We should note that is separate and distinct from Single Sign-On capabilities managed by External Server Authentication and Active Directory on the Windows OS.

All of this is convenient.  However, it also presents a vulnerability, inasmuch as it allows anyone with access to a machine to access the hosted databases without having to know the proper credentials. It can also present unexpected results, because such stored credentials take precedence over any a user might enter manually.  If database passwords are changed, then the stored credentials are no longer correct.  This causes error messages to appear, often to the confusion of the users and server administrators alike.

In FileMaker® Pro 14, developers can block the ability to store credentials and to use ones previously stored. This is done at the file level in the File Options pane as shown below.  By default the option to store credentials is blocked for newly created files in FileMaker Pro 14.  For files initially built in earlier versions and then converted to version 14, the option is enabled by default.  Developers must disable the ability to store credentials for files converted from earlier versions. This is a subtle distinction, but an important one.  Developers should note this difference in behavior.

     

Another new feature is the introduction in several places in FileMaker Pro 14, and in FileMaker® Server 14 as well, of password strength meters.  These meters are similar to the one already found in FileMaker® Pro 13 Advanced for the encryption password. The meter will tell the developer whether the selected password is Weak, Moderate, or Strong.  Strong passwords are the most secure.

What constitutes a strong password? Generally in the FileMaker developer community there is a belief that longer passwords are more secure than shorter ones.  This is not a correct belief.  Length is an important attribute of password strength.  However, it is not the only consideration.  Complexity is another attribute, as is entropy. Complexity refers to the alphanumeric mix of characters in a password or passphrase.  Entropy refers to the degree of uncertainty of a random variable that the password or passphrase exhibits.

Consider these examples:   

Maryhadalittlelambitsfleecewaswhiteassnow is a 41 character passphrase. $$todonuts4meanddonutsto$foryou is a 32 character passphrase.  However, the first one registers as Weak. The second one registers as Strong.

Another new security feature relates to the use of SSL for progressive downloading of container field contents in hosted files. In earlier versions, even if SSL for encryption of data in transit were invoked, contents of container fields were not encrypted in progressive downloads.  FileMaker Server 14 now allows for the use of SSL for such downloads.  This requires a custom SSL certificate; developers and server administrators configure this option in the Server Admin Console as shown below.

Another new security feature involves a change in the User Interface options for configuring security settings in files.  In addition to the previously existing system, that remains fully in place in the new version, there is also a new, abbreviated version targeted at new users and at others not familiar with the legacy structure.  The new system allows creation of Accounts and Passwords and linking to Privileges. The name of the new User Interface is Basic Security. The previously existing, legacy system has been renamed to Detailed Security.

Finally, there has been a significant change in the FileMaker Server Sample File from the one available in earlier versions.  Prior to FileMaker® Server 14, the Server Sample File had been a completely open file that opened by default to the [Full Access] Privilege Set. This behavior introduced a significant security vulnerability onto installations of FileMaker Server.  I discussed that vulnerability in the BLOG post found here: http://fmforums.com/blogs/entry/777-protect-your-filemaker-server-and-files-from-a-vulnerability/

 

I am pleased that in FileMaker Server 14, this vulnerability insofar as it relates to the Sample File has been closed. When the Sample File opens now, it is with a restricted set of privileges.