Is it possible to obtain the encryption password from the keychain of a filemaker server?
I certainly hope no one has done any of several workarounds and stored this information on the server in any capacity. I do not believe that an administrator can store the credentials in the KeyChain or its equivalent on Windows OS from inside the FMS Admin Console. That inhibition is by design, and it is a correct process in my view.
The FMS Admin Console gives the ability to save the EAR password for a specific file or files in the CStore. That's the best place for it if it is to be stored. Policies will vary from organization to organization, especially those related to what is called Segregation of Duties.
Steven H. Blackwell
Platinum Member Emeritus, FIleMaker Business Alliance
Thank you Steven.
The problem is the following:
After the encryption of all the databases I re-opened the newly encrypted databases on the server. The admin console asked for the encryption password, I filled in the encryption password and saved the password by checking the save box. All the databases opened correctly. So far so good.
But after that I wanted to check my work, if I had saved the password correctly in our online secure database. So I closed the databases again and I copied and pasted the password from our online database into the password field in the admin console: All the databases opened correctly. This was we final check that I had saved all the important information.
But now I wanted toe open a backup file with the same encryption password and the password was not correct anymore!! The password in our database did not change in time, i'm very sure!
But the strangest thing know is the following: When I copy the encryption password from our database into the Filemaker Admin Console to re-open all the database, all the databases are opening correctly!
But a stranger thing what I now discovered, I can fill in any password to open all the databases !! So copying the password from our online database into the field in the admin console was after-all not a good check!!! I don't know how it can open databases with a wrong password...
You are most correct in your belief that this is an odd set of circumstances. Be sure to use text editors rather than word processors after copying the encryption password for subsequent pasting to a document or to a FileMaker Pro field. Also check for errant leading or trailing spaces. If I can think of anything else about this, I will make another post.
Platinum Member Emeritus, FileMaker Business Alliance
Nico Kobes wrote: But a stranger thing what I now discovered, I can fill in any password to open all the databases !!
Nico Kobes wrote:
But a stranger thing what I now discovered, I can fill in any password to open all the databases !!
Can you expand a bit on this?
Are all the files hosted encryption protected? Do they all share the same encryption passphrase?
You stated that you had told FMS to save the encryption passphrase, when you do that you are not prompted again when you ask FMS to open a file, so I'm confused as to where you input the passphrase when you ask FMS to open files.
Yes, all the files are encrypted.
Yes, all the files have the same encryption passphrase.
Yes, I get the passphrase field when I open one of the files. I tested this again just now, I closed one of the non-critical files and open this one again and I get the passphrase field. And it does not matter if I put in a random password of if I leave it empty, it opens up it anyway...
Retrieving data ...