Security is on a lot of people’s minds lately. Massive data breaches have become a monthly occurrence costing businesses millions in losses and untold amounts in data hijacking. With that in mind, a lot of requests for tighter security protocols company-wide are being handed down in a lot of businesses.
One of the major security processes that a lot of companies and web services have started using is two-factor authentication. It’s definitely something to consider across all of your technology solutions.
What is two-factor (or multi-factor) authentication? Let’s take banking apps for example. If you download an app on your phone for your bank and sign in, the bank will email you with a verification code that you need to enter in to activate your app. This is two-factor authentication, with the first factor being your regular banking user name and password, and the second factor being a unique code sent to you in a separate environment. This makes it virtually impossible for someone that has hijacked your login to authenticate and use your banking information.
While FileMaker has made incredible strides in introduces security to the platform with AES256 encryption, and robust access and data security through users and privilege sets, there are additional steps that can be taken to mimic two-factor authentication in FileMaker.
I recently had the chance to beta test Timothy Dietrich‘s new product FMAuthenticator. This service allows you to add a second authentication process to your database, where a user will receive a text message with an authentication code. It’s impossible to continue without entering the code, making it secure, even if a user accidentally gave out their username and password. My testing went very well, it was an immediately usable security feature that has little cost (implementation time and service cost) to implement, and l was impressed by how fast I received the codes on my phone. There’s also a few ways to roll your own two-factor authentications in FileMaker, such as using the send email script step to send a code that a user has to copy and paste back into FileMaker to authenticate after they log in.
With FileMaker becoming ever more public-facing in new services such as WebDirect, it will soon be important for even the most basic FileMaker users and developers to implement highly secure solutions. Ideas like two-factor authentication can certainly help!
About the Author
Mike Beargie has been with MainSpring since 2013 and has over 10 years of application development experience. As a developer, he creates solutions for clients in a wide variety of sectors across the U.S. and abroad. Prior to working at MainSpring, Mike worked as the lead developer for a consulting company, serving high profile political, special interest and nonprofit clients in the Washington, D.C., and Columbus, Ohio, markets. Mike regularly presents solutions and best practices to the FileMaker development community around the country, and is well known as an answer man online as well. In 2014 and 2016, Mike was recognized with the FileMaker Excellence Award for community contributions. Mike is a man of many hobbies, including woodworking, home brewing, art and music.