Question Database Security

M

marianne

Registered User.
Local time
, 23:22
Joined
Mar 26, 2009
Messages
327
1. I am using ms access 2003. I discovered that setting up the database password can still be cracked or recovered. Is there any other way to enhance the database password security.

2. I have seen an mdb example wherein even though the database has no password and the tables are vulnerable for opening, but the user cant still open the tables because there is a message saying no permission. How does that done?

3. The above statements were asked because I made a custom login permissions in a table (add, edit, delete, view)
 
Well, I've always thought that ULS was more useful as a "permissions manager" to corral honest users into intended sets of actions and preventing them from accidentally doing something that's not expected.

In a pure Access solution, I'd argue that ULS is more secure compared to a DIY custom login (and remember I use the word 'secure' in a relative sense). Furthermore, I'd be content to just use ULS and leave it up to Windows and/or network setting to keep out the non-users and people who aren't associated with the company. Employees usually have an incentive to keep their application working so usually are happy to oblige and I believe that if a company insist that the application be secured from their employees, they actually have bigger problem than they think!

In cases where data are truly sensitive, the best answer to protect them is to move them off into a RDBMS such as Oracle, MySQL, SQL Server, PostgreSQL, or such where security is more robust while keeping Access as a front-end to those servers.

I hope that helps provides some high-level visualization of what we can do with Access security...
 
thanks for your replies. yes though I know that ULS could be the answer.
 
marianne

you should be more bothered about code than data

1. use an mde, then your code is secure

2. its not data security as such thats an issue so much, in my opinion - pretty well every system exposes data in some way or other, and there is generally a way of connecting to the back end, to see the data layout for properly authorised users. eg sage in UK is biggest software company - but you can use access to connect to sage tables, and just copy all the data into an unsecured access database - but its one thing
doing this, and quite another working out exactly how it all hangs together.

3. designing a system to allow certain users to be restricted to certain areas is by no means straightforward. Although you have access security, for a big system this can be really awkward to set up precisely.
 
thanks so much gemma ! I didn't know that sage database can be connected thru access. Whew !!!

I agree that code is much more needed to be secured. But just in my case, I just also need to secure my data. It let me feel secured and nothing to worry about.
 
You must log in or register to reply here.

Similar threads

D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
802
Isaac
Isaac
M
.accdb table password recovery
Replies
5
Views
535
isladogs
isladogs
M
Solved Can I access the user passwords in the MDW file?
Replies
13
Views
1,259
gemma-the-husky
gemma-the-husky
E
MS Access Database and Windows 11 Update error
2
Replies
20
Views
1,785
The_Doc_Man
The_Doc_Man
B
Advice Request : Simplest method to allow multi-site access to a prototype database
Replies
10
Views
845
Pat Hartman
P

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom