AnsweredAssumed Answered

Bypassing FileMaker Password Recovery

Question asked by NaturSalus on Nov 14, 2012
Latest reply on Nov 14, 2012 by MarcMcCall


Bypassing FileMaker Password Recovery



     The user account and password protection of Filemaker Pro products can be easily bypassed using products like: FileMaker Password Recovery. In the end, this program will find out all the user accounts of your FM project file and will replace their passwords by the ones of your choice.

     This is a reported and known issue by FMI. 

     Since removing the Admin account doesn't prevent your application from being opened and used by anyone that have a copy of your application and FileMaker Password Recovery , I was thinking of a way to bypass the ability of FileMaker Password Recovery to change the original passwords by new ones.

     So instead of using FM Pro built in login capabilities, what about creating a login script that requests the user account name and password and then checking whether the entered password is the same as the one provided to the buyer. 

     If the password entered by the user is equal to the password provided to the buyer then access is granted.

     However, if the password entered by the user (the one entered using FileMaker Password Recovery) is different from the password provided to the buyer then access is not granted and the application is closed.

     My question is

     ¿what are the pitfalls of this approach vs doing nothing and using FM Pro default login process?



     P.D. I am still on FM Pro 11 Advanced till FM Pro 12.04 is released and proven reliable