Can i require password from operating system for mdb file to open?

[Guest]

Can i limit an access mdb file to a given set of machines by loading into the
machines a password that the mdb file looks for before opening so that it
will not work on other machines? The idea is that a user would not be able to
make a copy of the file and instal it on another machine.

 

[Guest]

Nothing can stop someone from copying an Access file to another computer.
After all, it's a file like any other. However, you can implement security
into your mdb files so that people with the appropriate usernames and
passwords can run it.

 

[Guest]

Thanks for your reply Ray.

It is because i know that people can and, for backing up needs, are making
copies of both the front end and the data file that i want to ensure that
even those with current user passwords cannot then use the information in the
files on another machine. That is why i thought about a password that is put
in the operating system and only the boss of my customers company knows that
password. This may not be the best way so i am open to other ideas. What do
you think?

 

[Rick Brandt]

Thanks for your reply Ray.

It is because i know that people can and, for backing up needs, are
making copies of both the front end and the data file that i want to
ensure that even those with current user passwords cannot then use
the information in the files on another machine. That is why i
thought about a password that is put in the operating system and only
the boss of my customers company knows that password. This may not be
the best way so i am open to other ideas. What do you think?

My standard advice on this...

If you need to protect data from non-users use network security. If you need to
protect data from users then it should not be in an MDB file. There is no
protection for an MDB that a few minutes on the internet and a few dollars won't
defeat.

 

[SpecProjAnalyst]

There is a way that you can lock the database so it cannot be opened on the
back-end and requires a password before opening. Is this what you want to do?

 

[Guest]

I agree with Rick, Access has an excellent security model but it's not
bulletproof. Remember, this is a database designed for the PC, not a server.
The only other option I could think of is to put a database password in the
data file and only you and your application should know this password. That
way users can link to it using the application and if they try to open the
data file they can't because they won't know the password.

But this is worse that user-level security because once they break the
database password, they have access to everything. Like Rick said, a few
bucks and a quick search on the internet can easily break the database
password. That's why I use user-level security, it's better than a mere
database password.

I'm not a network expert but isn't there a way to prevent people from
copying files? perhaps you can talk to a network specialist and have him
prevent copying or deleting your files.

Ray

 

[SpecProjAnalyst]

Actually, I have a way that might solve some problems.

First you create a small database that you can have users put in their
computer. That database can be your portal. "Push here to enter database" and
have a command button that closes that database and opens the main one. You
can add a dll (dynamic linking library) module in there that pulls the log in
name of the person accessing the database the opening database. Than you can
create a table with the usernames and security level they want (I usually use
Admin for everyone who is supposed to have access to it). On the opening form
you could put a label that reads, "Push here to enter database" and have a
command button that closes that database and opens the main one. Than you can
create 2 modules. One for verifying the username and the other for verifying
the security level. If the username matches one of the usernames on the list
than you can you can press the button and have it link to your main database.
If your username doesn't match you can have a message box that pops up and
says "Access denied". You can shift lock the first database so no one can get
in through the back way and keep your main database hidden where only you
know where it is. This way everyone can have what they think is the database
on their desktop but in reality won't have anything but a door.

It seems like a lot of work, but it will do what you want.

I agree with Rick, Access has an excellent security model but it's not
bulletproof. Remember, this is a database designed for the PC, not a server.
The only other option I could think of is to put a database password in the
data file and only you and your application should know this password. That
way users can link to it using the application and if they try to open the
data file they can't because they won't know the password.

But this is worse that user-level security because once they break the
database password, they have access to everything. Like Rick said, a few
bucks and a quick search on the internet can easily break the database
password. That's why I use user-level security, it's better than a mere
database password.

I'm not a network expert but isn't there a way to prevent people from
copying files? perhaps you can talk to a network specialist and have him
prevent copying or deleting your files.

Ray

Thanks for your reply Ray.

[quoted text clipped - 15 lines]

 

[Guest]

Hello SpecProjAnalyst

The backend is password protected but the front end is open to all employees
of the company. On the front end the menu bar and database window are hidden
and the bypass key is disabled so parts of the database are password
protected where necessary. Some employees have the password to the backend
and the purpose of this exercise is to prevent employees taking home copies
of either front or back ends and being able to open them or pass them on to
competitors.

I have designed a system with a bit of code that looks for the existence of
another file. If that file is present then the database opens without fuss.
If it is absent then the database file simply shuts down the application with
no warning or options. Only the boss and myself need to know the existence of
this process as it requires no password. I think it will do the job but would
like to hear thoughts from others.

Thanks

 

[Guest]

Hi Ray

On the front end i have hidden the menu bar and database window, disabled
the bypass key and set my own shortcut menu. The company do not want users to
have to log in and out as they use each others machines regularly so they
each have passwords to the parts only they can use. Do i understand from what
you say that hackers can somehow open the file using another application and
edit the code so that my protections can be overidden? Is that why you
advocate creating an mde file?

The backend is password protected but some employees have the password. If
they should leave the company then they are quite likely to have recent
copies of the backend which would still have the password they know. The idea
here is to prevent either the front end or backend from opening on their own
machine.

What do you think of my idea as set out in my reply to SpecProjAnalyist?

Thanks for your support

Abel

 

[Keith Wilby]

Than you can
create a table with the usernames and security level they want

Here is a major flaw in your cunning plan ;-)

Keith.

 

[SpecProjAnalyst via AccessMonster.com]

I programmed something like a few years ago and it worked alright. I had an
issue one time when the people I designed the datase for accidently deleted
the file during one of her "purges". It is a good idea as long as back-ups
are made.

Hello SpecProjAnalyst

The backend is password protected but the front end is open to all employees
of the company. On the front end the menu bar and database window are hidden
and the bypass key is disabled so parts of the database are password
protected where necessary. Some employees have the password to the backend
and the purpose of this exercise is to prevent employees taking home copies
of either front or back ends and being able to open them or pass them on to
competitors.

I have designed a system with a bit of code that looks for the existence of
another file. If that file is present then the database opens without fuss.
If it is absent then the database file simply shuts down the application with
no warning or options. Only the boss and myself need to know the existence of
this process as it requires no password. I think it will do the job but would
like to hear thoughts from others.

Thanks

There is a way that you can lock the database so it cannot be opened on the
back-end and requires a password before opening. Is this what you want to do?

[quoted text clipped - 3 lines]

 

[SpecProjAnalyst via AccessMonster.com]

Nah, because this database is username protected. You could also do some
coding so that you do not need a table but recognizes security privilages
based on username. Besisdes if the database is shift key disabled, no one
will be able to make it into the back end of the database to modify the table
unless they can re-enable the shift key.

 

[Keith Wilby]

Nah, because this database is username protected. You could also do some
coding so that you do not need a table but recognizes security privilages
based on username. Besisdes if the database is shift key disabled, no one
will be able to make it into the back end of the database to modify the
table
unless they can re-enable the shift key.

Can be all very easily defeated. Adding a layer of complexity doesn't make
it more secure.

Keith.