Secure Enough?

[carguy86]

Is Filemaker Pro 10 Secure enough to store things like Account numbers, username, passwords, etc?

I know there are many "crackers" out there...I want to make sure that if this information is indeed stored in the database that if the file was to fall into the wrong hands that it could not be cracked.

I thought of using a Sparse image on Mac, but they cannot be opened on Windows Machines...

[Fitch]

http://tinyurl.com/4yx8qty

[carguy86]

http://tinyurl.com/4yx8qty

Well THAT was incredibly helpful, not.

As I said in my post, I am aware of the multitude of programs out there to crack the program.

Is there a way to make it more secure?

[dansmith65]

My understanding is that regardless of the storage system, if a malicious user has a local copy of it, they will be able to crack it, given enough time.

Therefore, the goal is to never let your database itself fall into the hands of a malicious user; always make sure they are required to access it over a network.

Beyond that, I cannot help.

[Steven H. Blackwell]

It kis not a good practice to store the passwords as a data element in a FileMaker Pro database.

FileMaker Pro itself does not store passwords in the file.

Why do you want to store passwords? There may be a better way to accomplish whatever you're trying to do.

Removing the [Full Access] Accounts with the Developer Tool utility significantly inhibits the crackers' ability to work.

Steven

[carguy86]

Steven,

What I am after is actually storing my bank account information, credit cards numbers, etc, and online account informaiton in this database, basically my whole life. So that in the event of my demise my Wife would have access to all this critical information with a simple login (a cryptic password for sure!). Sure I could hand write it, put it in our Fireproof safe, etc, but that brings with it the problems of water damage, theft, unrecoverable fire, etc.

If I were to remove the admin functions I would no longer be able to modify the file myself would I? (As far as layouts, scripts, etc) This layout is actually part of a bigger database that I designed to manage our finances.

I suppose I could store this information in a separate FM file, then remove Admin access from it, then reference it from my main database? Would that be secure-er?

[Fitch]

If I were to remove the admin functions I would no longer be able to modify the file myself would I?

Pretty much:

http://fmhelp.filemaker.com/fmphelp_11/en/html/fmpa_tools.24.9.html#1028118

I suppose I could store this information in a separate FM file, then remove Admin access from it, then reference it from my main database? Would that be secure-er?

But then wouldn't you have the same problem if someone got access to your main database? Seems like turtles all the way down.

Sorry for my previous post, I see now that you did say in your original question that you already knew FileMaker files can be cracked.

[dansmith65]

Given that you want it related to your finance database, this may not be ideal, but there are some good (and free) programs for keeping all your personal information secure, like: http://keepass.info/

[Vaughan]

******* you Fitch, I just wasted half an hour reading Wikipedia about "turtles all the way down" which lead me to "unmoved mover" and the Münchhausen Trilemma. ;)

[Fitch]

Sounds like time well wasted to me.

[Vaughan]

... except I was meant to working on the pay roll module. Thankfully the old system is still working. ;)

[org]

http://www.truecrypt.org is cross platform / open source ( win / osx / linux ), slicker on PC eg. mount at login, mac bit more manual, mount-as-go but sure there are command line workarounds.

I briefly tested with Dropbox while back, worked well only updated changed bits of encrypt disk ( like sparse disk ) - seemed to work fine across Mac/pc but no more than a quick test.