Skip to main content

NEVER EVER leave the default Admin account enabled in FileMaker

I hesitate even to bring this up, because this is Dangerous Knowledge.

When you create a new FileMaker database, FileMaker gives you a default login account, with a default name and password. I wish it didn't and in my opinion, it shouldn't. But it does.

So here's what you need to know: Never, ever leave that default account enabled.

 When would this matter?

If the database is stored on your computer and never shared with anybody, keeping the default account enabled means anybody who can get into your computer, can open the database — as developer. Now, this isn't really as big a deal as you might think, because they could do this even if you didn't use the FileMaker default login account. (Hint: Password crackers.) That's one more reason why you need to be careful about the security of your computer.

 But God forbid the database is hosted on a server that is configured for remote access! In that case, physical access to the server is irrelevant. Any Internet troll who knows or can guess the server's address can get into your database — as developer. What do I mean by "server configured for remote access"? I mean a server machine that sits in your office but which has been configured so you can get to it from outside the LAN. And yes, I mean every single one of those commercial services out there that host FileMaker databases.

When you create a new database, the very first thing you should do is delete the default account and replace it with your own. And of course, immediately store that info in 1Password!
Labels:

Comments

Post a Comment

Popular posts from this blog

Setting up OAUTH with Google in FileMaker 16

Setting up OAuth with Google in FileMaker 16 Posted by William Porter Intended audience: Intermediate to Advanced FileMaker developers Date of publication: 2017-June-06 Updated: 2018-June-06 One of the many exciting features in FileMaker 16 (released May 2017) is OAuth or Open Authentication. Open Authentication allows users to connect to a FileMaker database after authenticating with an external (non-FileMaker) account. At the present time, FileMaker supports OAuth through Google, Amazon and Microsoft. If you're a developer there are two main questions to answer. First, should I do this? And second, how do I do it? I'll answer the first question later. It's important. But the other question-- How  do I setup OAuth?--is answered in the attached document. I wrote this tutorial with the help of my friend and colleague Taylor Sharpe of Taylor Made Services , also here in Dallas. We provide step-by-step instructions on how to get your users authenticating in...
6 comments
Read more

Virtual List Basics

The concept The basic trick behind virtual lists is the wonderful GetValue() function. GetValue() takes two parameters: A list of return-delimited values A number specifying which value in the list to get For example say you have a field in a single record called “List of Values” and it contains the following:    Apple    Boy    Cat    Doorknob    Elephant    Fish When that record is selected, GetValue ( MYTABLE::List of Values ; 4 ) will return “Doorknob”. The brilliant idea is to replace the list of values stored in a field with a list in a global variable . The basic implementation, part one Create a table called VIRTUALLIST. In it, define these two fields: VALUE NUMBER: a number field Value_calc: calc field returning text value, = “GetValue ( $$VALUES; VALUENUMBER )”. Make sure that this value is an unstored calculation. Go to the layout for the VIRTUALLIST table and create s...
Post a Comment
Read more

Correction of mistake in my review of FileMaker 14

There is a significant mistake in my Macworld review of FileMaker 14 , published yesterday. I spent a fair amount of time getting to know the new navigation layout part and in the process, coming to like it quite a bit. As I said in the review, at first glance, it looks like a duplicate of the header or footer layout part, but it's not. At the end of the relevant paragraph, I wrote this little summary: I expect that FileMaker 14 developers will soon start using the navigation part for UI widgets like buttons, and will leave headers and footers for printed reports. I thought hard about the new navigation part; but I didn't give quite enough thought to how the old layout parts will and will not be affected by the new one. The truth is, you will still want to put column field labels (on a list view layout) in a header part, so that they zoom with the body part. (This would apply to footers as well if you put any objects down there that need to stay aligned with the fields i...
Post a Comment
Read more