Passwordless Login into Your FileMaker Solutions

We’ve said it before: your password is useless. The 2020 Verizon Data Breach Investigations Report underlines it: over 80% of the hacking breaches involved brute force or stolen credentials. If your whole identity is unlocked with just a string of text that is easy to guess or has been compromised in an earlier data breach, then your identity is not very safe, and neither is anything that it has access to.

Screenshot of the 2020 Data Breach Investigations Report (DBIR) data on hacking
Figure 1. 2020 DBIR datea on hacking

Relying on the old-style username and password combo is dangerous. So why not make it so that your FileMaker solution does not need a password at all for login?

Since FileMaker 16, you have been able to use modern external Identity Providers (IdPs) to do the user authentication for you in the form of Microsoft Azure AD, Amazon, and Google accounts. And since FileMaker 17, you can basically use any provider that uses the OAuth2 variant of OpenID Connect. And many of these are now adopting the new WebAuthn protocol. For a quick primer on what that is, visit this very informative web site:

In short, you can now use a security key or token to use as the primary authentication factor or as one of the multiple forms of authentication you want to support.

Steven Blackwell and I have co-authored a new white paper in our OAuth series that describes how to use a Yubikey security key to log into our FileMaker solution.

Photo of the Yubikey 5 Series
Figure 2. Yubikey 5 Series

And to underline the many options and choices you have in choosing your preferred Identity Provider, we are also showing how to configure Red Hat’s Keycloak as an on-premise IdP. This demonstrates you are not limited to cloud-only options like the ones we have used up to this point: Okta, Ping, OneLogin, MiniOrange, Auth0, or commercial on-premise authentication providers such as Active Directory and its AD FS.

This white paper complements the others in this series:

You can also keep track of our content around modern authentication by using the OAuth tag on our web site. If you have any questions about how to implement this in your own FileMaker solution, our team is happy to help.

About The Author

2 thoughts on “Passwordless Login into Your FileMaker Solutions”

    1. SAML is not supported directly by FileMaker Server. But depending on your choice of identity provider, you can use it as a broker to an identity provider that only supports SAML. Keycloak for instance – that we are using in addendum 3 – supports that. One of our future white papers will show this in action.

Leave a Comment

Your email address will not be published. Required fields are marked *