One of the more interesting use cases for fmSMS involves two-factor authentication. Two-factor authentication is used by a number of large enterprises like Apple, Google, Facebook and banks to protect their users from hacking and phishing attempts – you might have experienced this yourself if you’ve needed to reset your password for one of these services and have received an SMS to your registered mobile number with a one time code or password that you have to enter into their website as part of the authentication process.
We’ve recently been working with an fmSMS customer who needed to implement two-factor authentication with their existing FileMaker hosted Custom Web Publishing application. They needed users to be able to perform the following tasks:
- go the web application URL and enter their email address/username
- if this email address was located in the FileMaker database an SMS was sent to the mobile phone associated with that email address/customer record containing a unique code (codes can never be recycled)
- the user would then enter this code into the website when prompted which would then confirm the code was valid and they could then proceed to use the web application
We helped the customer write some PHP pages using the FileMaker PHP API that performed all of these tasks and they were very happy with the result. This runs 24/7 unattended.
Contact us if you would like to discuss implementing two-factor authentication with your FileMaker web application.