disabled_JackRodgers

2 Factor Authentication is Weak

Discussion created by disabled_JackRodgers on Dec 31, 2015

Many corporations are beginning to use a second factor for validating a login, a PIN number is sent via email or text message and the user is required to enter it in a form field to continue.

 

This fails remarkably easily if the device is stolen. Read my blog about this:

 

http://fmpfirewall.com/2015/12/31/filemaker-security-2-factor-authentication-weakness/

 

If your solution's security needs are minimal, this method will suffice. If your solution's security needs are very high due to being a financial database or medical or even one involving Home Security and Terrorists, then this type of authentication is suspect for the reasons I state in the blog post.

 

I have worked on this concept for several years and recently devoted my full time to it and the ins and outs are mind boggling and trying to create a working security system within FileMaker is time consuming and frustrating as every idea seems to blow up into many problems. So I understand why scripters want to latch on to a simple idea as a complete solution when it is not.

Outcomes