Jump to content

2-Factor Authentication


sreese

This topic is 2943 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Greetings,

I was actually reminded of these forums by a current thread on the regular FM forums. When I logged in I saw Josh's blog post:

I couldn't leave a comment on it, but I really appreciate that he posted this.

The only way I can see how to do a successful 2 factor authentication for FileMaker would be to require it as part of VPN authentication.

 

After that one really long thread on the FM Forums that it felt like I was arguing with WIM, I know that ersatz security really isn't all its cracked up to be. I also figured out a way to use external authentication and multiple files to accomplish some of the broad security settings that I wanted.

 

I suppose there may be another way to do 2 factor authentication using a web interface, but that initial logon would still have to be something outside of FileMaker currently I think. Even the method I am thinking of could probably be easily circumvented too though. So that really only leaves the VPN.

 

Has anyone had any conversations with FileMaker about building this into FM Server?

Link to comment
Share on other sites

There more than just the VPN.  There is also the OS.  Windows allows for 2FA where you can't get access for instance to a remote desktop until you passed two factors of authentication.  Some clients use phone confirmation, some clients use RSA keys.

If you want to start a conversation with FMI about it, post a feature request at their website and let other people vote on it:

https://community.filemaker.com/community/discussions/product-ideas

 

 

Link to comment
Share on other sites

Definitely post it in the ideas as Wim suggested.

Hopefully soon I will be able to finish putting together a PDF of that discussion that includes the images that are missing from that article. I just officially started a new job this week...so I've been a bit behind. Hoping I can get to it this weekend..but no promises. I've said that to myself the past 2 weekends. lol

Link to comment
Share on other sites

There are some other options for Multi-Factor Authentication.  I will be exploring some of those at the RSA Security Conference next week in California.  It is something where we need some additional approaches beyond the ones we have now.

 

Steven

Link to comment
Share on other sites

This topic is 2943 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.