datAdrenaline
AWF VIP
- Local time
- Today, 12:37
- Joined
- Jun 23, 2008
- Messages
- 697
Ok ... here are a few of my security links ...
How to handle the absence of ULS with ACCDB format ...
vPPC (Virtual Password Protected Connection)
Note ... it is a HUGE thread, but the post I link you to is the "core" of vPPC. Also, please take note that the concept works with the MDB format as well but since the strength is dependant upon the DATABASE password, the protection achieved is much greater with A2007 than with A2003 and lower.
Regardless of the ability to break A2003 pwd's, I use the vPPC method in almost every new app I create. I find it simple and robust enought to make folks turn away ... but like I said, I am in a fairly controled environment and if employees are found out to be fishing around in the data and/or the app, without a buisness need to do so (ie: I am not around, and something is broke and skilled folks are trying to fix it) then it is grounds for "discipline" which may include termination ... Now, vPPC (especially vPPC/Enhanced) with A2007 is really quite strong, but I'm sure its not impervious.
...
Here's another one with ULS ... How to achieve ULS without having to enter a uid and pwd ...
ULS without entry of uid and pwd
...
Linked SQL Server tables WITH OUT storing the userid and pwd in the linked table def ... and with out being prompted (this is similar to vPPC) ...
SQL Server Linked Tabledefs ... no uid and pwd in the linked table def
How to handle the absence of ULS with ACCDB format ...
vPPC (Virtual Password Protected Connection)
Note ... it is a HUGE thread, but the post I link you to is the "core" of vPPC. Also, please take note that the concept works with the MDB format as well but since the strength is dependant upon the DATABASE password, the protection achieved is much greater with A2007 than with A2003 and lower.
Regardless of the ability to break A2003 pwd's, I use the vPPC method in almost every new app I create. I find it simple and robust enought to make folks turn away ... but like I said, I am in a fairly controled environment and if employees are found out to be fishing around in the data and/or the app, without a buisness need to do so (ie: I am not around, and something is broke and skilled folks are trying to fix it) then it is grounds for "discipline" which may include termination ... Now, vPPC (especially vPPC/Enhanced) with A2007 is really quite strong, but I'm sure its not impervious.
...
Here's another one with ULS ... How to achieve ULS without having to enter a uid and pwd ...
ULS without entry of uid and pwd
...
Linked SQL Server tables WITH OUT storing the userid and pwd in the linked table def ... and with out being prompted (this is similar to vPPC) ...
SQL Server Linked Tabledefs ... no uid and pwd in the linked table def