Disable Shift Key Bypass (4 Viewers)

[TheSearcher]

I'm trying to disable the Shift Key Bypass functionality. I found the following methodology in an AI website. It seems simple enough but it doesn't work. Can anyone help? I want the autoexec macro to run even if the Shift key is held down.

To disable the shift key bypass in Microsoft Access, you need to modify the AllowBypassKey property to False using VBA code. This will prevent users from holding the shift key down while opening the database to bypass startup options like the AutoExec macro and the specified startup form.
Here's how to do it:
1. Open the VBA Editor: In Access, press Alt + F11 to open the Visual Basic Editor.
2. Go to Immediate Window: In the VBA Editor, navigate to View > Immediate Window.
3. Enter the Code: Type or paste the following code into the Immediate Window and press Enter:
Code
CurrentProject.Properties.Add "AllowBypassKey", False
1. Close the Editor: Close the VBA Editor.
2. Close and Reopen Access: Close and then reopen the Access database to test the change.
Now, holding down the shift key while opening the database will no longer bypass the startup options.

 

[June7]

Those instructions are for an ADP which hasn't been supported since Access 2003. Refer to https://learn.microsoft.com/en-us/office/troubleshoot/access/disable-database-startup-options

 

[Ranman256]

i use this.
the apEnableShift reverses all settings

Function apDisableShift() As Boolean
    'This function disable the shift at startup. This action causes
    'the Autoexec macro and Startup properties to always be executed.

    On Error GoTo errDisableShift

        Dim db As DAO.Database
        Dim prop As DAO.Property
        Const conPropNotFound = 3270
        Dim sProp As String
        
        Set db = OpenDatabase(CurrentProject.Path & "\" & [Forms]![frmMenu]![cmbDBName])
        Check4MdbProps db
        
        db.Properties("StartUpShowDBWindow") = False
        db.Properties("StartUpShowStatusBar") = False
        db.Properties("AllowFullMenus") = False
        'enable F11, ALT F11, etc. for short key
        db.Properties("AllowSpecialKeys") = False
        'allow Access Shortcut Menus. May be too severe
        db.Properties("AllowShortcutMenus") = False
        db.Properties("AllowToolbarChanges") = False
        
        sProp = "AllowByPassKey"
        db.Properties("AllowByPassKey") = False

        sProp = "AllowBreakIntoCode"
        db.Properties("AllowBreakIntoCode") = False
        
        apDisableShift = True
endit:
        'The function is successful.
        Exit Function

errDisableShift:
'MsgBox Err.Description & vbCrLf & "prop:" & sProp, , "apDisableProps:" & Err
'Resume endit
'Resume
    'The first part of this error routine creates the "AllowByPassKey
    'property if it does not exist.
On Error Resume Next
    If Err = conPropNotFound Then
        Set prop = db.CreateProperty("AllowByPassKey", dbBoolean, False)
        db.Properties.Append prop
        Resume Next
        Else
        'MsgBox "Function 'apDisableShift' did not complete successfully."
        'Exit Function
    End If
    Resume Next
End Function

 

[isladogs]

Whilst the shift bypass can be disabled with code such as that above, it can also be re-enabled externally from another database.
For more details and code, see my article:

Manage the Shift Bypass Property

The third article in this series shows how to enable or disable the shift bypass property in your Access databases

isladogs.co.uk

 

[TheSearcher]

Thank you both very much!

 

[TheSearcher]

Many thanks isladogs!

 

[TheSearcher]

Okay. I realize this is probably a stupid question - but how do I get back in after the shift key bypass is disabled? What if I want to turn it off so that I can modify something?

 

[isladogs]

Okay. I realize this is probably a stupid question - but how do I get back in after the shift key bypass is disabled? What if I want to turn it off so that I can modify something?

See my first sentence in post #4. Details are in my article.
However, remember just as you will be able to get back in using suitable code, so can other knowledgeable users.

You should also keep a copy that isn't locked down for future development work

 

[June7]

Don't necessarily have to re-enable just to do edits. Depends on what other customization you implement. Have you employed a modified ribbon? Have you disabled right click shortcut menus? Do you hide Navigation Pane? Disable function keys?

If you can still go to the VBA Editor, you can do whatever code edits you want.

Some will encrypt database so VBAEditor can only be accessed by password. Or deploy an executable frontend to users.

 

[TheSearcher]

@June7 - I hide the ribbon, hide the navigation pane and disabled all Access close out buttons. How can I get to the module that contains my function? Can I still get to the VBA editor?

 

[isladogs]

Have you disabled shortcut keys such as Ctrl+G?

 

[TheSearcher]

@isladogs - I have not. I'm not familiar with that. What does Ctrl+G do?
Also, I tried your code that you provided in your article and it worked beautifully. I was able to reverse the code from another database. Very elegant. Thanks!

 

[isladogs]

Ctrl+G opens the Immediate window which means the VBE is also opened. This is one of the settings you can disable via Access Options

https://isladogs.co.uk/improve-security-2

 

[TheSearcher]

Great stuff. Thank you very much!

 

[TheSearcher]

I password protected my back end database so that the login credentials would be protected from wandering eyes. Now users can't use the front end to log in. Am I missing something here?

 

[theDBguy]

I password protected my back end database so that the login credentials would be protected from wandering eyes. Now users can't use the front end to log in. Am I missing something here?

Unfortunately, backend password is stored as plain text in the frontend, so some users might still be able to figure it out.

 

[isladogs]

Whilst the comment above is true, I don’t think that is the issue here

@TheSearcher
Did you relink the tables after encrypting the BE database? If not, do so.
Also if you are storing user login passwords, make sure these are also encrypted using something like RC4 or SHA. This is essential for security reasons.

 

[TheSearcher]

Unfortunately, backend password is stored as plain text in the frontend, so some users might still be able to figure it out.

Seriously? Should I just spray paint the password on the office wall or reconsider using Access?

 

[theDBguy]

Seriously? Should I just spray paint the password on the office wall or reconsider using Access?

I don't know what you're trying to protect; but if you want total security, then maybe Access is not the right fit for you. For some of us, medium security is good enough, and Access is just right.

 

[TheSearcher]

Thanks @theDBguy - I, like any other developer, want to protect, at least, passwords.
Access offers an input mask which masks the passwords so that they can't be read. Great.
Access allows you to remove the input mask and thereby view everyone's passwords in plain text. Not great.
Access allows you to password protect your backend databases so that no one can view the data without having the password. Great.
Access displays that password in plain text when you link the front end to the protected backend. Unbelievably dumb.
I have successfully used SHA encrypted passwords in my SQL Server databases but they are very cumbersome and complicated to administer. I would prefer not to use them. I hope to find a reasonable alternative other than writing my own encryption program. But so far this is looking like the only alternative.
I do appreciate everyone's input however,