Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

need Get(UserPassword) functionality!

Saubs

By Saubs
in Security Concepts

 Share

This topic is 6254 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Saubs Collaborator

Saubs

Posted
Posted

After my users log in to my solution, a startup script invokes an applescript to mount a shared network volume.

My users are impatient and "don't get it" when it comes to security, subsequently they don't want to have to enter their username and password again at the network login prompt. So my goal is to retrieve their FileMaker username (using Get(AccountName) and password (using :)) to pre-fill the OSX "Connect To Server" window as the applescript executes.

Is there a way to retrieve the current user's Filemaker password using a 'GET' function, the same way I've retrieved his/her account name? Or any other way to accomplish this goal?

Many thanks--

Vaughan Grand Master

Vaughan

Posted
Posted

Passwords are NOT stored in FMP files (not since FMP 7) so there is no way to get the password through a function. Only the hashes of the passwords are stored.

The only method is to store the password in a Users table, but this is a major reduction is security.

Vaughan Grand Master

Vaughan

Posted
Posted

"How is security compromised?"

Because unless the developer sets up the privileges *really* well, anybody who can get into the file might be able to access the table containing all the other passwords.

The Shadow Experienced

The Shadow

Posted
Posted

If you have physical access to the filemaker file, you can easily obtain any textual data stored in fields via a hex editor.

Only served files should ever even consider having a user/password table, and even then its still a bad idea.

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

Good advice.

And in fact, often times, the easiest way to expose these "passwords" is simply to create another file with a table alias to the "password" table and then display the fields on a layout. This works about 95 times out of a hundred, because the people who created the "passwords" don't understand how FMP works.

There is a reason that FileMaker Pro does not store passwords in the file.

Steven

This topic is 6254 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept