1 Reply Latest reply on Jan 6, 2015 12:04 PM by TSGal

    report weak credentials

    SimonBrown

      Summary

      report weak credentials

      Product

      FileMaker Server

      Version

      13.0v5

      Operating system version

      Mac OS or Win

      Description of the issue

      As primarily a systems person who doesn't have DB level access, I have no easy way to determine if hosted files have weak or empty passwords.

      Steps to reproduce the problem

      1) file gets hosted
      2) user or developer puts in "temporary" account with weak credentials
      3) account is forgotten, DB is left open for access with weak credentials

      Expected result

      Since a user or developer might change credentials at any time, perhaps a scheduled process? Logging this would be sufficient, but email warning even better.

      Alternatively, an easy scripted way to check for weak passwords from a FMP client.

      Actual result

      File stays accessible with weak credentials.

      Exact text of any error message(s) that appear

      N/A

      Configuration information

      N/A

      Workaround

      For accounts with XML access this can be checked by a script. Might also be possible with client, but would require GUI scripting unless the FMP behaviors were changed.

        • 1. Re: report weak credentials
          TSGal

          Simon Brown:

          Thank you for your post.

          I recommend entering this suggestion into our Feature Requests form at:

          http://www.filemaker.com/company/contact/feature_request.html

          The entries into this web form populate a database file that is monitored by Development and Product Management.  All entries are read, discussed and considered for possible implementation in a future release.  Though I could copy your post and paste it into the web form, there are a couple of questions asked on the form that only you can answer.

          TSGal
          FileMaker, Inc.