Jump to content

<sigh> Changing passwords on multiple files


HazMatt

This topic is 7736 days old. Please don't post here. Open a new topic instead.

Recommended Posts

FileMaker's shortsightedness makes me mad sometimes.

I've got 30 relational databases. All use FileMaker's built-in password support. Changing passwords is a very inconvenient process for solutions with more than one database. The problem compounds when each user is given a unique password.

I know there is at least one 3rd party plug-in solution that is supposed to handle this well, but I'm (or my company is) cheap. Plus I want to hold FileMaker accountable for this, as a large amount of FileMaker solutions are multi-database.

So

Link to comment
Share on other sites

Well, I've submited my "Feature suggestion" via their website, like I'm sure many others have done. ::grumble grumble::

Anyway, I actually tried sticking the Allow User Abort(Off) right before the Change Password step, and all it does is suppress the "Change Password has been cancelled. Do you wish to continue with this script?" I also tried an If Status(CurrentMessageChoice) = 2 statement like I have before, but hitting Cancel on the Change Password box is ignored.

I'm not seeing any reliable built-in method of password management.

Link to comment
Share on other sites

Go for the New Millennium Dialog Magic. It will help you to manage passwords.

We are using that plugin with another great one -- Simple Dialog from www.24u.cz.

We build security system, where FM built in security is used for Group security and not for user.

Users are login into user database and then NM DM is opening all FM files with group password, which is non-visible for users.

Users can change their password and administrators can allocate user to any group.

Link to comment
Share on other sites

You can see the solution I chose in my Starter Template in the Sample Files forum... I built my own user/password system such that it is a proper *single* database and such that I can get reliable user names when recording audit trails. It was largely adopted from a textbook solution... so you can even get the accompanying textbook-quality explanation of the system.

Link to comment
Share on other sites

Is my solution protected by FileMaker Security as well? Yes... though the normal user won't see it.

Basically you default through FileMaker Security to the normal user password that has most everything turned off... and then I explicitly provide everything I want you to have, gated by my security system. By holding option as you open the DB, you can put in the only other FileMaker password... the master password, to enable all the built in menus and such.

Link to comment
Share on other sites

So you have something like "try default password" and only 2 groups.

We consider that as security risk and we are not using "try default password", only in first, login file which will invoke the authorization. So even if users can get hold of data files, they will not open at all.

Furthermore we can have 4-10 different groups of users. But that is possible only with New Millennium Dialog Magic.

Link to comment
Share on other sites

Yes, 2 groups and it trys the default. And yes, you're right, it should only try the default on the Begin file. However, I think the posted database actually tries it on them all... though they all just close themselves unless they are being opened by the Begin file.

Security-wise, if users get hold of the data files, the data is there's for the taking... period... default password or not.

As for the database logic/design, that would be protected either way... yes, any user can "open" my relational DB, but they will only get to the login layout at which they can do nothing but try to login... the other files (the ones with content) won't open until a proper user name and password has been entered.

My user system does not implement groups, per se; rather it implements individual Privileges. But you can think of Privileges as groups, where users can be in as many different groups as you want... where each group is independent of the other groups. But if you just want groups, you can implement them using Privileges.

Link to comment
Share on other sites

  • 3 weeks later...

This topic is 7736 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.