passwords for database

L

lala

Registered User.
Local time
Today, 13:15
Joined
Mar 20, 2002
Messages
741
How can I create a table with passwords for my users? If anyone wants they can just open that table and change the passwords
How can I avoid that
Thank you
 
Create bound a form with the password table as the source, when the user selects the form then only their password will be displayed on the form for the user to change the password.
 
Yes but if the user knows access a little, can't he just get into database window and open the table? And then type new passwords?
 
lala said:
Yes but if the user knows access a little, can't he just get into database window and open the table? And then type new passwords?
Click to expand...

That's where you have to use the

Disable Bypass Key code which can be found here on the forum (do a search) and then also uncheck the USE ACCESS SPECIAL KEYS checkbox in the startup options (or Current Database options if you are in 2007 or 2010) so that the F11 key can't be used to get to the database window / Navigation Pane.
 
i knew you'd come to the rescue)))))))))
i have a problem with that
first of all, how do i make design changes? always keep a backup with nothing disabled?
and whatif the user opens the database holding the shift key? i thought that will open up with the database window?
 
lala said:
i knew you'd come to the rescue)))))))))
i have a problem with that
first of all, how do i make design changes? always keep a backup with nothing disabled?
and whatif the user opens the database holding the shift key? i thought that will open up with the database window?
Click to expand...

1. You have the database split, correct?

2. You have a COPY of the Frontend on EACH user's machine, correct?

3. If #1 and #2 are YES then you leave the master copy unlocked and do your design changes and then lock a copy for redistribution (are you using an auto updater? If not you can and save some hassle).

4. As I said, you need to use the DISABLE BYPASS KEY code which will, when activated, keep the user from holding shift to open the file. Do a search on DISABLE BYPASS KEY.
 
yes, it's split
yes, copy on each machine
i understand what you're saying about a master copy
and thank you!! will search, just wanted to make sure that it does prevent users from holding the shift
 
If you are using 2007 you can change the file extension to accdr to make it a run time version and place that copy on the user's computer. This does not display your objects or ribbons but will only display the form that you have selected at Startup.
 
Also you an encrypt/decrypt the password so even if they manage to open the table the password will be encrypted an as they do not know the encryption code they cannot change it.
 
Another approach that I like to use is to have the DB check to see who is logged into Windows and in effect 'piggy back' off of the windows security to restrict what a user can do within MS Access. This simplifies things because you only maintain a table of logins, not passwords. It also means that users wil not be bothered by login forms as the database will simply recognize them.

<quote>
Function fnGet_userID()
'determine username currently logged into Windows

Dim strUser_ID As String

strUser_ID = Environ("UserName")

fnGet_userID = strUser_ID

End Function
</quote>
________
Sexual Transmitted Diseases Forums
 
Last edited:
tranchemontaigne said:
Another approach that I like to use is to have the DB check to see who is logged into Windows and in effect 'piggy back' off of the windows security to restrict what a user can do within MS Access. This simplifies things because you only maintain a table of logins, not passwords. It also means that users wil not be bothered by login forms as the database will simply recognize them.

<quote>
Function fnGet_userID()
'determine username currently logged into Windows

Dim strUser_ID As String

strUser_ID = Environ("UserName")

fnGet_userID = strUser_ID

End Function
</quote>
Click to expand...

yes, i love doing it this way, and i do my databases like this at my job, where everything is setup like it's supposed to and security is good

this database is for a sidejob. on the bosses desk is a spreadsheet with everyone's passwords

so it doesn't work here))))))))))))))))))))

also, anyone can then come to soneone's computer and using their login can do anything they want

at my job the computers lock automatically in 10 mins and you can't change that setting, so using windows passwordsis perfect there

but not here))))))))))))))
 
DCrake said:
Also you an encrypt/decrypt the password so even if they manage to open the table the password will be encrypted an as they do not know the encryption code they cannot change it.
Click to expand...

how is this done????
 
ok, another problem
if someone really wanted to, all they have to do is open a blank access database, link or import all the tables from the backend (in my case it's sql server) and they have all the info

i know there's a way for the odbc connection to ask for a password but don't know how to configure that from the sql server

anyone, please????????
 
The way you do that is to not grant any access to tables in SQL Server but create VIEWS instead which you use in your Access database as tables. Then you don't have to expose those. In fact, if you are using SQL Server there is no reason you have to link the password table to Access but instead use Stored Procedures to check the values and return their security level which means that way nothing is exposed.
 
i'm not even talking about the passwords table anymore. i just realized that if someone knows what they're doing they can just get access to all the tables in the database period
 
boblarson said:
The way you do that is to not grant any access to tables in SQL Server but create VIEWS instead which you use in your Access database as tables. Then you don't have to expose those. In fact, if you are using SQL Server there is no reason you have to link the password table to Access but instead use Stored Procedures to check the values and return their security level which means that way nothing is exposed.
Click to expand...

but how do views work? don't you have to link them into access anyway?
 
sorry for 3000 posts. what i mean is, there's an odbc connection on everyone's computer and anyone can open a blank database and link or import all the tables there and they have all the data. how can i avoid that?
 
lala said:
i'm not even talking about the passwords table anymore. i just realized that if someone knows what they're doing they can just get access to all the tables in the database period
Click to expand...

Again - so

1. How do you have the security set on SQL Server? Are you using SQL Logins or Windows Authentication?

2. If you give them the right security settings they can't do anything.

3. You can use Stored Procedures to do everything from within your program if you really are concerned with someone trying to access the SQL Tables.
 
i'm using windows authentication
the only thing that would solve my problems is having the odbc connection ask for password when people try to link anything through it

it's setup like that at my job, when i create an odbc connection or link using an existing one, it still asks me for a password. i can choose to save the password and it won't ask again, but it asks at least that once. that's what i want to do here just not sure how
 
You must log in or register to reply here.

Similar threads

P
Solved RefreshLink Code Takes Forever to Complete in Runtime
Replies
9
Views
498
Pac-Man
P
B
How to remove password protected from VBA modules
Replies
5
Views
667
theDBguy
theDBguy
FuzMic
Member i need HELP i am unable to access ALL past mdb using one common password encrypting the modules.
Replies
11
Views
593
isladogs
isladogs
D
Solved Change password using tempvar not passing to following form
Replies
4
Views
481
Gasman
Gasman
D
Solved Tempvars username not displaying on subsequent forms
Replies
11
Views
572
NauticalGent
NauticalGent

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom