Suggestions on how to secure data in MDB, yet still allow external access to it?

C

Chris

I'm working on a simple Access 2002 application. I've secured my code--by
splitting the data into an MDB and compiling my
code/forms/queries/reports/etc. into an MDE.

Next, I'd like to secure the data in the MDB. I realize that an MDB can be
password-protected; I'm sure it's a simple matter to modify the links in my
MDE so that it can still access the data in the MDB. I also understand that
an MDB can be encrypted. How secure is a password-protected MDB? Is
encryption recommended? Are there any disadvantages of either/both measures?

Lastly, I'd like certain users to be able to open the database in read-only
mode--to create their own custom reports. I figured I'd tell them to create
their own personal MDBs, link to the tables in the "live" MDB, and then
design their own queries and reports in the personal MDBs. However, I don't
think this would be very secure, since I would need to tell them the
password for the "live" MDB.

How are others handling this? BTW, I purposely avoided Access' user-level
security, instead controlling user access within the application itself.
 
R

Rick Brandt

Chris said:
I'm working on a simple Access 2002 application. I've secured my code--by
splitting the data into an MDB and compiling my
code/forms/queries/reports/etc. into an MDE.

Next, I'd like to secure the data in the MDB. I realize that an MDB can be
password-protected; I'm sure it's a simple matter to modify the links in my
MDE so that it can still access the data in the MDB. I also understand that
an MDB can be encrypted. How secure is a password-protected MDB? Is
encryption recommended? Are there any disadvantages of either/both measures?

Lastly, I'd like certain users to be able to open the database in read-only
mode--to create their own custom reports. I figured I'd tell them to create
their own personal MDBs, link to the tables in the "live" MDB, and then
design their own queries and reports in the personal MDBs. However, I don't
think this would be very secure, since I would need to tell them the
password for the "live" MDB.

How are others handling this? BTW, I purposely avoided Access' user-level
security, instead controlling user access within the application itself.
Click to expand...

The best you can do to protect data (if you stay with a Jet back end) is use
user-level security. Anything else is trivial to get past. ULS can be broken
as well, but it does raise the bar of difficulty considerably over "home-grown"
solutions.
 
T

TC

(snip)
BTW, I purposely avoided Access' user-level security, instead
controlling user access within the application itself.
Click to expand...


Then, you'll have to enhance your home-grown method to do what you want!

Alternatively, learn how to use Access user-level security, which will do
what you want.

HTH,
TC
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

security on back end mdb 2
Want to password protect one mdb but still access it from another mdb. 1
Microsoft Access Table Security 2
Security Woes - how to best secure per group per table 6
from mdb how to openForm a form in a referenced mde file 3
How to lock an MDB file, but yet allow application to access it 5
Only one User can connect to Access 2000 MDB on XP workstations 1
How to secure a MDW file? 2

Top