04evildave Posted March 18, 2006 Posted March 18, 2006 Hi. I've developed an application (point of sale) in FM7. I've made it into runtime, and put it into about 10 places, and it works well. Now I have a few places about to put it onto 2-computer networks, which means it can't be a run time solution, and that they'll have to put in Filemaker 7 pro. What I'm worried about is some evil-doer, copying the file and then distributing copies etc. I've set the file to open as a guest, with the login user47, and I have a strongly passworded administrator login (which no-one could ever guess, or even knock down with Brute Force). My question is: Is this enough? Would any filemaker professional (or any computer officianado) be able to copy the file and crack it open? I'd love to hear your advice? Dave :qwery:
Reed Posted March 18, 2006 Posted March 18, 2006 Someone can always crack your file if they're given physical access. (your runtime files are no better protected than regular fp7 files) The only way to stop someone from getting administrator access to the files is to use the developer utilities to remove admin access completely.
Inky Phil Posted March 19, 2006 Posted March 19, 2006 And if you do that remember that YOU wont be able to get in there either Phil
T-Square Posted March 20, 2006 Posted March 20, 2006 Reed-- You're the second person who's suggested that Filemaker's passwording for accounts is not secure (Wim also hinted at this in my recent post in this forum about data security). Could you please be more specific? Is there something about Filemaker's encryption of passwords and files that makes it less secure than, say, the username/password system in Linux? Dave has already indicated that his password is not guessable--so what does physical access give to end users? While it is conceivable that someone with a multiple-processor machine dedicated to cracking his password could do it, how is that any better than anything else? How likely is it that someone with such a machine is going to do that? David
Reed Posted March 20, 2006 Posted March 20, 2006 http://www.lostpassword.com/filemaker.htm The above product can unprotect any filemaker file that's not protected by the aforementioned developer tool...It's not that the password is guessed, it's just removed. It's not that FM is more insecure than anything else.... give someone time and physical access to any computer system and they will get in...
04evildave Posted March 23, 2006 Author Posted March 23, 2006 Sorry to be ignorant, but how do I remove admin access anyway? I tried to do it via Accounts and Settings, but I got the warning: There are no active Fuilemaker Accounts that use the Fulle Access priviledge set. There must be one account like this..... I can remove the admin, when I put the file into run-time, but I can;t work it out if I'm keeping it in normal FP7 format (ie to use on 2 computers) Thanks again?? Dave
Fenton Posted March 23, 2006 Posted March 23, 2006 It's one of the options in the Developer Tool. You do not have to make a runtime to do this (it's more like renaming files). Be sure you're done with those files however, as there's no more "I'll just fix that one little thing" for those files. Of course, you still have the originals and can redo the thing.
Steven H. Blackwell Posted March 23, 2006 Posted March 23, 2006 I should note that while removing the [Full Access] account is a good idea for protection of Intellectual Property, it does not prevent the duplication of the file and its use in multiple locations. Additionally, depending on how you've structured the Privilege Sets that remain to open the file, persons could still extract a lot of information about your file from scripts, value lists, file references, design functions, etc. See http://www.filemakersecurity.com Steven
Recommended Posts
This topic is 6819 days old. Please don't post here. Open a new topic instead.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now