Two-factor Authentication for FileMaker

Subscribe to Our Blog

Security is on a lot of people’s minds lately. Massive data breaches have become a monthly occurrence costing businesses millions in losses and untold amounts in data hijacking. With that in mind, a lot of requests for tighter security protocols company-wide are being handed down in a lot of businesses.

One of the major security processes that a lot of companies and web services have started using is two-factor authentication. It’s definitely something to consider across all of your technology solutions.

What is two-factor (or multi-factor) authentication? Let’s take banking apps for example. If you download an app on your phone for your bank and sign in, the bank will email you with a verification code that you need to enter in to activate your app. This is two-factor authentication, with the first factor being your regular banking user name and password, and the second factor being a unique code sent to you in a separate environment. This makes it virtually impossible for someone that has hijacked your login to authenticate and use your banking information.

While FileMaker has made incredible strides in introduces security to the platform with AES256 encryption, and robust access and data security through users and privilege sets, there are additional steps that can be taken to mimic two-factor authentication in FileMaker.

I recently had the chance to beta test Timothy Dietrich‘s new product FMAuthenticator. This service allows you to add a second authentication process to your database, where a user will receive a text message with an authentication code. It’s impossible to continue without entering the code, making it secure, even if a user accidentally gave out their username and password. My testing went very well, it was an immediately usable security feature that has little cost (implementation time and service cost) to implement, and l was impressed by how fast I received the codes on my phone. There’s also a few ways to roll your own two-factor authentications in FileMaker, such as using the send email script step to send a code that a user has to copy and paste back into FileMaker to authenticate after they log in.

With FileMaker becoming ever more public-facing in new services such as WebDirect, it will soon be important for even the most basic FileMaker users and developers to implement highly secure solutions. Ideas like two-factor authentication can certainly help!