Secure Password Storage

[HannahT]

I've been using the demo version of 360works email plug-in. My solution has multiple accounts that need SMTP verifications (all Microsoft outlook accounts). I don't want to store the emails + passwords in my database, but because of the frequency for which these emails must be sent also don't want the user to have to enter their password in more than a few times a day.

 

Any suggestions?

[ryan360Works]

Hi HannahT,

       You could store the password in a global variable. In a start up script, prompt the user for username and/or password for their email and store that information in global variable(s). You can then reference the variables in your script. This would mean users type their password in only once, not store sensitive information inside your database, and the variables are destroyed once the database is closed. 

[HunterBoss]

Ryan,

What constitutes closed?

What if the database is on a server?

Have you seen anybody work with a password manager and use an API to get the credentials?

Thanks

(Also, full disclosure. It's my solution Hannah's working on.)

[ryan360Works]

When the file is local, globals will persist and not reset when the database is closed. However it is a hosted file, closing the database will reset global variables back to the value they were set at when the file was uploaded to the server.

I haven't seen a solution that uses a password manager and an API but as long as you can get the data into FileMaker and reference it in a script then it should work.