Encrypting/securing Access database

S

Satyajit

In my application, there is functionality to change the
password. I have created a local database (.mdb) and
saving the passwords whenever it is changed by the use. I
want to encrypt the databse, to be precise I don't want
any one to see that database.Users should be only able to
change the password through my VB form, not by opening the
database and change the password there. Being a new user
of database, I find this difficult.
I know, this might be easier for some of you experts
there.
Waiting for replies.
Thanks in anticipation.
Regads
 
J

John Vinson

In my application, there is functionality to change the
password. I have created a local database (.mdb) and
saving the passwords whenever it is changed by the use. I
want to encrypt the databse, to be precise I don't want
any one to see that database.Users should be only able to
change the password through my VB form, not by opening the
database and change the password there. Being a new user
of database, I find this difficult.
Click to expand...

You should consider applying Access security to the database. Go to
the CompuServe forum in my .sig or to Microsoft's website
http://support.microsoft.com and download SECFAQ2K.DOC (or the
Security Whitepaper). Read it *carefully*. Then read it *even more
carefully, a second time*. Then secure your database following the
instructions with care - it's quite possible to have a database that
seems secure but is wide open, or one that's so secure nobody
including you can get into it.
 
A

Albert D. Kallal

I would as the other post mentioned consider using ms-access security.

Note that encrypting the database is very different issue then is using
security.

Security lets you control who can view what table, or what report or what
form.

Encrypting has not hang to do with the above. When you encrypt a database,
then OTHER APPCLTIONS such as a disk editor viewing program when opening the
file as raw data will see garbage. However, opening a encrypted ms-access
mdb file will always be viewable, and does not in anyway prevent you, or
your users from viewing, or looking at the tables. So, a encrypted database
does not let other applications view the data unless they go through
ms-access. However, it does not prevent ms-access users from looking at the
table data.

You can most certainly hide the ms-access interface and prevent your users
from looking at the tables directly (and you don't even have to use
encryption (which we now know does not help this problem anyway), or even
use security to do this.

Try downloading the following a2000 example:

http://www.attcanada.net/~kallal.msn/msaccess/DownLoad.htm

Pick the 3rd one, and I did not use any security on that file, but all of
the access interface is hidden.
 
S

Satyajit

Thanks a lot John for taking the effort to answer my
question. I was little tied up with other activities thats
why could not reply you in time.
But, I could not find the secified white paper as
suggested by you in the dupport website. Could you please
tell me where I can find the "SECFAQ2K.DOC".
Thanks again.
 
S

Satyajit

Thanks Albeit. You cleared a lot of fundas. It definitely
helped me in understanding how security is different from
encryption.

Thanks again for your effort.
regards.
 
J

John Vinson

Thanks a lot John for taking the effort to answer my
question. I was little tied up with other activities thats
why could not reply you in time.
But, I could not find the secified white paper as
suggested by you in the dupport website. Could you please
tell me where I can find the "SECFAQ2K.DOC".
Click to expand...

http://go.compuserve.com/MSDevApps?SEC=2&FID=9211

or, for a zipped version,

http://go.compuserve.com/MSDevApps?SEC=2&FID=9376

You'll need a password and user ID, but there is no cost for accessing
the forum.

You can also find a copy (with a fair bit of difficulty!! Thanks
Microsoft) by following the links at the bottom of this knowledge base
article:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;305542
 
J

John Vinson

The security FAQ is available at
http://support.microsoft.com/?id=207793

There is also a security whitepaper
http://support.microsoft.com/?id=148555

Although the whitepaper is old, it contains information to help you
understand security.

Other good reads
Lynn Trapp's
http://www.ltcomputerdesigns.com/Security.htm

Jack MacDonald's
www.geocities.com/jacksonmacd
Click to expand...

Thanks Joan! I couldn't find the MSKB references (grrr... MSKB
indexing... SNARL!) and wasn't aware of Jack's site. Saved for future
reference!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Database Security 1
mdb password security 4
Securing my Database. 2
shouldn't Windows warn you before "encrypting", if password is blank? 5
Copy and move Access 13 database on laptop to pc with Access 13 0
Encrypting data 2
Securing primary key in an access form 2
Other ways of securing database than pwd and mdw? 2

Top