help with password protection for forms

D

dana_cc

New member
Local time
Today, 13:11
Joined
Sep 16, 2006
Messages
3
Hi,

I need some help creating a way for two different type of users to be redirected to different forms after entering a password.
I tried using the groups security in access but it's not good.

What I need the program to do is:

ask the user to enter a password. then if the password is correct and they are managers they will see the managers opening form ("form1") and if they are employees they will se a different opening form("form2") with less options and different reports.

thanks.
 
dana_cc said:
...
I tried using the groups security in access but it's not good.
...
Click to expand...

Why do you say it is "not good”? If you construct this correctly, using Group Accounts, and granting the required privileges to the appropriate group, and making individual accounts members of the appropriate groups, maintenance will be much easier than the headache you will be creating if you insist on building your own "tack on" security.

You could set up your two (or more) groups, and two (or more) forms, and grant permissions appropriately. Set up a third form as the Database's Startup Form.

The startup form could do any of the following:-
1) Let them manually choose an option (security would block them from getting through to an option for which they don't have privileges)
2) Automatically assess which group they are a member of and open the appropriate form
3) Attempt to open the "Manager" form, and trap for a security error - if that is encountered, then open the alternate form.


If you insist on pursuing the path you are alluding to then please consider the following questions...
1) What will you do when the manager password becomes compromised (i.e. people know it when they should not)?
2) A good security procedure would require passwords be changed frequently. How will you accommodate this?
3) If you are going to put password(s) in your own table so you can change it (them) without having to change code, what is stopping anyone from reading the table where the password(s) are stored?
3) What is stopping anyone from opening the target "management" form directly (without going via your "password" gate), and even directly accessing all the functionality beyond it, which you are trying to protect?

In short, Access already affords you what you are asking for, via its own security, and does it much better than you will be able to achieve outside of it (but within Access). It might be hard to understand at first, but the alternative is much worse.

HTH

Regards

John.
 
The startup form could do any of the following:-
1) Let them manually choose an option (security would block them from getting through to an option for which they don't have privileges)
Click to expand...

The thing is I don't want the users to even see the options available for groups with higher permissions and when I looked at the options available from the access group security it wasn't an option.

the only other thing I can do is turn the various options invisible to certain groups but then I am not sure about how to turn them visible again based on the permissions.

Another question: does using the access groups option mean I'll have to create the user groups on each computer separatly?

thanks.
 
you can personalizze the view with
DoCmd.OpenForm "Employees", , ,"user= 'username'"
 
dana_cc said:
The thing is I don't want the users to even see the options available for groups with higher permissions and when I looked at the options available from the access group security it wasn't an option.
Click to expand...

So you didn't like option 1. What about option 2 or 3 ?

dana_cc said:
Another question: does using the access groups option mean I'll have to create the user groups on each computer separatly?
Click to expand...

Not if you set it up right. Create a workgroup file on the network - you can put it alongside the database. Create a shortcut for your users, and use the command line options to specify use of the workgroup file you created. Search the on-line help for more on "Start Microsoft Access with command-line options using a shortcut".

Download and read the Microsoft Access Security FAQ (from Microsoft.com). Then read it again. It gives instructions on creating a secure database, and securing a database. Follow these instructions very carefully, and to the letter.

dana_cc said:
the only other thing I can do is turn the various options invisible to certain groups but then I am not sure about how to turn them visible again based on the permissions.
Click to expand...

The Security FAQ has a section titled "How can I obtain group and user membership information programmatically" with a subsection titled "Determine if a User is in a given Group". This may be useful to you in coding the hiding/showing of various controls (buttons), if that's the path you wish to take.

HTH

Regards

John.
 
You must log in or register to reply here.

Similar threads

J
How to create a password access within Database
2
Replies
23
Views
2,413
CJ_London
C
R
subforms and forms
Replies
5
Views
896
ryetee
R
Q
New User to Database
Replies
12
Views
505
The_Doc_Man
The_Doc_Man
I
Late Control binding to make Forms Field independant.
2 3 4
Replies
66
Views
2,644
The_Doc_Man
The_Doc_Man
Technics
Solved Need help with one of my Time Clock forms
2
Replies
32
Views
1,555
Technics
Technics

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom