Password strength and lockout

[mikeco555]

I need to be able to enforce password strength rules to require a 8 character minimum and a lockout after 3 failed attempths to log-on to an access database. I am familiar with the system.mdw features but am unclear how to do this with the controls that access provides(do I need a 3rd party piece of software?). Any suggestions would be of great help.

Thanks
Mikeco555

 

[KernelK]

Look up ADOX. It is an included library that is bundled with Access, and it will give you access to the user/group methods used in Access User-Level Security. You can do everything from adding/modifying users/groups to changing/setting passwords. So you could verify your constraints and then use the ADOX method to change the password after verification.

Lockout? Like the user is not able to login at all after 3 failed attempts? I'm not sure this is possible as the earliest code you can put in is only run after a successful login. But there may be some kind of option you can set that I am unaware of.

 

[The_Doc_Man]

I'm with KernelK on this one. Password lockout, such as is common for government computer systems, is really tough to establish with a workgroup system. There is no context in which to work when you fail at a login unless you "roll your own" security from the ground up. I'm not a fan of that requirement. To me, the preferred method is what we do for our Dept. of the Navy cases - we file a waiver application that says - "Not possible with this software." If your PC is secured and part of a domain, you can claim (correctly) that access to the MDB is only through another layer that can meet the complexity and lockout criteria.

Pat Hartman has seen the features of the latest, greatest version of Access. She might know of a new feature for this. I know there is no "old" way to achieve this goal.