FileMaker Local Account Authentication

Intermediate

Deep dive into how FileMaker local account authentication works at the protocol level and how to manage it securely.

What you'll learn

  • How FileMaker hashes and stores local account passwords
  • The authentication flow for FileMaker clients and the Data API
  • Account lockout: why it does not exist and what to do instead
  • Migrating from local accounts to external authentication

Local FileMaker accounts are stored in the .fmp12 file itself -- username and a hashed password. When a user authenticates, FileMaker compares the provided credential against the stored hash. Understanding how local accounts work at a deeper level helps you make better security decisions about password policies, account management, and when to migrate to external authentication.

1/4
1

Password storage

FileMaker stores local account passwords as a salted hash inside the .fmp12 file. The exact algorithm is not publicly documented by Claris. The important security implication: a copy of the .fmp12 file contains all account hashes -- if the file is not encrypted at rest, an attacker with the file could attempt offline hash cracking. Enable database encryption to protect stored account credentials.

SSL Certificate Management for FileMaker ServerExternal Server Authentication (Active Directory / LDAP)

Sign in to track your progress and pick up where you left off.

Sign in to FM Dojo