Okay I know that even with a password protected MDE, programs exist which can reconstruct the VBA.
My question is that if I define a global constant in the code - can that be pulled out?
The reason I am asking is that I am working on some encryption in order to store sensitive information in a database.
Currently I have a passphrase stored as a global constant so that I can access it from any module or object. This passphrase is used in the encryption process, and with that it would be easier to decrypt.
Now, an obvious answer to this is to require a user to enter the passphrase on startup and store it temporarily. That's just not going to happen though - in order for strong encryption a long passphrase is necessary. There is no way people are going to type it in, let alone memorize it. It would just end up written on paper taped under keyboards, etc.
My objective is to make this data as secure as possible while still being user friendly.
Obviously, if someone got just the MDE file, that wouldn't do them any good without the data file. The data file will be in a secured folder on the network where only say 5 people in the whole company will have access to. So overall I think I'm pretty secure, but just curious what can be pulled out of an MDE.
My question is that if I define a global constant in the code - can that be pulled out?
The reason I am asking is that I am working on some encryption in order to store sensitive information in a database.
Currently I have a passphrase stored as a global constant so that I can access it from any module or object. This passphrase is used in the encryption process, and with that it would be easier to decrypt.
Now, an obvious answer to this is to require a user to enter the passphrase on startup and store it temporarily. That's just not going to happen though - in order for strong encryption a long passphrase is necessary. There is no way people are going to type it in, let alone memorize it. It would just end up written on paper taped under keyboards, etc.
My objective is to make this data as secure as possible while still being user friendly.
Obviously, if someone got just the MDE file, that wouldn't do them any good without the data file. The data file will be in a secured folder on the network where only say 5 people in the whole company will have access to. So overall I think I'm pretty secure, but just curious what can be pulled out of an MDE.
