Form Security

[Abbos]

Hi there,

I have a number of forms which I wish to password protect. Currently I have done this but the password is hard coded. I need to change this so that I can create a smaller like control panel form that allows some to change the different passwords.

My current problem is changing the hard coded passwords to use a variable instead. I thought to use a Public variable which is in a normal module (not class) however I am a little stuck as I dont know what would be the best way of setting and storing the value of that public variable.

Could anyone give me some advice please?

 

[statsman]

Are you new to Access security?
From your description I couldn't tell if the forms are already password protected and you wish to change the password or if the entire database is password protected.
If the database is password protected, you should delete this password. The database password allows everyone who knows the password to have access to everything on the database.
A better way would be to use the full Access security feature. You can then assign users permissions to use different parts of the database.
When the user signs on, their level was previously set by you. If User 1 needs access to Area A, but not Area B you give or decline permissions according to the users needs.

Please try the following link:
www.geocities.com/jacksonmacd
The first download, "Security Paper by Jack Macdonald" is a very good introduction to Access Security.

If I have misunderstood your post please disregard.

 

[Abbos]

Hi Statsman,

Thanks for the reply. Yes you are right (sorry for not stating in my post) it is not a database password.

I have read the article but it is pretty complex for what I would like to do for the time being.

For the moment I would like to just use a variable instead of hard coding the form passwords into the forms. I think I need to use a public variable but when I set this in a module (not class) it won't allow be to assign a value to that variable in the module. How do I go about setting the value so that it is a database wide value?

Thanks,

 

[billyr]

I use 2 public variables, one for user name and one for security level. Both are gathered by code attached to a splash form. (I also hard code a user name and PW for my own use) If there is a staff table in the application, I have fields for username and PW, if not I add a user table with these fields. I then use code in the open event for the main switchboard to allow or not allow forms to be opened. You could also do this at the form level to restrict data.

 

[Abbos]

Thanks Billy.

Just to make sure I understood your post correctly you advise to store the username and passwords simply as fields in a table and then call these during the "authentication" process when opening the forms etc? If so, could you please help me out with the line of code that would reference the tblUsers for the username and password?

Thanks,

 

[billyr]

First, I am not sure I am competent to advise; but, I am glad to share what I do. My applications always open with a splash form that requests user name and PW. Once validated I store the users name and security level in a public variable. From then on, I only need to check those public variables. The name is only used for "whistles and bells" on the main menu, ie "Hello John Doe". I use access 2K and can make a small db to demo what I am talking about if that is of interest to you.