Home > Designing and creating databases > Protecting databases > About protecting databases

About protecting databases

You can limit what users can see and do in a FileMaker Pro file. You can restrict:

•	Data access. Make particular tables, fields, or records view-only, or hide them completely.

•	Layout access. Prevent users from modifying layouts in Layout mode.

•	Access to value lists and scripts. Prevent users from accessing and modifying value lists and scripts, and from running scripts.

•	Access to file sharing. Individually enable file sharing via the FileMaker Network, Web Publishing, and ODBC/JDBC for only particular users.

•	Outputting data. Prevent users from printing or exporting data.

•	Menu access. Make only a limited set of menu commands available.

•	External file access. Protect access to a file in your database by authorizing other files to reference its tables, layouts, scripts, and value lists.

•	Plug-in files. You can disable installation of plug-in files. See Setting plug-in preferences.

You restrict what users do in a file by requiring them to enter an account name and password when they attempt to open a file. The account name and password they enter determines which privilege set will be used to limit what they can do in a file. See About accounts, privilege sets, and extended privileges.

You can define privileges in a shared file while clients are using it. Any privilege changes that affect a current client do not take effect until the client closes and reopens the file.

Privileges protecting an external data source

The external data source provides the access privileges for the data. You can add access privilege requirements in FileMaker Pro. See Editing ODBC data sources.

Privileges protect a single file

The privileges that you set up apply to a single file only and all tables within that file. If your database solution consists of multiple files that you want to protect, you may want to combine all of these files into one multi-table file. Then you can define privileges in only a single file to manage access to the entire database solution. If you don’t want to combine the files into one file, then you should define privileges in each file that contains items you want to protect.

Important  If you create a relationship in one file that references a table in another file, you cannot manage access privileges for the related table in the first file. The privileges defined in the other file control access to that table.

Note  If you have a multi-file database solution that includes multiple protected files, you may want to consider using identical account names and passwords in each protected file. When one protected file attempts to access another protected file (such as to access related data or execute a script in the second file), FileMaker Pro initially attempts to open the second file with the same account name and password that was used to open the first file. If there is a matching account name and password, FileMaker Pro skips displaying the account/password dialog box. If there is no matching account, then FileMaker Pro displays the account/password dialog box so the user can enter account information.