Encrypt a custom app

Use FileMaker Pro to encrypt all the information stored in a file (also known as encryption at rest). Database encryption protects your custom app if someone gains physical access to the file.

Database encryption requires a FileMaker file account with Full Access privileges to any file that is to be encrypted, an encryption password, and a shared ID. Users must enter the encryption password whenever FileMaker Pro or FileMaker Go opens a local file, or when FileMaker Server or FileMaker Cloud opens a file before hosting it. The shared ID links multiple encrypted files. When one encrypted file attempts to access another encrypted file, the user will not be prompted again for the encryption password if the files' encryption passwords and shared IDs match.

See "Encrypting and decrypting database files" in FileMaker Pro Help and Use strong passwords.

When you open an encrypted file on FileMaker Server or FileMaker Cloud, you can save the password to automatically open encrypted files when the server restarts. FileMaker employs a two-way AES-256 encryption that uses a composite key based on information from the machine to encrypt the password and stores the password securely on the server.

See "Opening hosted files" and "Clearing the database encryption password" in FileMaker Server Help, and "Encrypting and uploading database files" in FileMaker Cloud Help.

If a file is not encrypted, FileMaker Cloud automatically encrypts the file. To show the encryption password for a database, see FileMaker Cloud Help.

Important  After you download a file from FileMaker Cloud, it remains encrypted on your local machine, so you must have the encryption password to open the file. In FileMaker Cloud Admin Console, show the encryption password and save it in a safe place.