Secure MS Access front-end from Hex Editor (1 Viewer)

isladogs

CID VIP
Local time
Today, 10:01
Joined
Jan 14, 2017
Messages
14,422
If you have followed all the steps in my various security articles, then your Access app should be secure enough for all practical purposes.
Nevertheless, no file based application such as Access can ever be absolutely secure ...
... though I do have one example app that nobody has been able to crack (at least not yet).

However I agree totally with the previous comments.
Placing your BE data in SQL Server or similar will be many orders of magnitude more secure still...if done properly.
But even then, it is important to realise that no computer based system can ever be 100% secure
 

Alhakeem1977

Registered User.
Local time
Today, 13:01
Joined
Jun 24, 2017
Messages
308
Hi. If you sincerely want that, then you should start considering using another development tool than Access. Otherwise, you can only go so far with it. Good luck!

Thanks theDBguy for your help, I really love Access, I am trying to develop Web application with Python.
Please advice me if it's the right path.

Thanks agin.
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 05:01
Joined
Feb 19, 2002
Messages
31,058
You never answered my question. Are you developing this app to sell? If not, securing it really isn't a problem. You need to make it secure enough to keep people from accidentally breaking it but that's all.
 

Alhakeem1977

Registered User.
Local time
Today, 13:01
Joined
Jun 24, 2017
Messages
308
Apologize, it's not to sell, actually I would like to automate what ever I see there's a manual work in our organization, but I can't help it because it's out of my hand, I will give up and rid of this as IT stands besides me.


I will continue build applications in MS Access and try to sell it.


The security issue leaded me to start building a new application in Python just hopefully to secure my income while retirement after 10 years. Moreover, I started to build an application in vb. net with C# then I stopped as I've realized that Python is much easier and easy to learn. please share your advice to lead me to the right path, thanks in advance!
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 05:01
Joined
Feb 19, 2002
Messages
31,058
This is an Access forum. If you have questions about web development, you will get better answers elsewhere.

I have an application that is sold but it is not a "shrink-wrapped" type of product. It is high-end and the clients pay an annual subscription fee and they also sign non-disclosure agreements as well as others The app is "locked" down to minimize the opportunity for prying eyes but Access is not secure so if they want to hack it, they can. Also, due to the nature of the product, I have the source code held in escrow by a lawyer. This gives the client peace of mind should my company go out of business. They make a one-time payment to my heirs and get a non-exclusive copy of the source code for their use only. For this type of product, the protection is more on the design than the code. Business applications are relatively easy to clone once you have access to all the forms and reports and tables. The client always has access to the data. It is theirs after all. But that means that they also have access to the schema.

Apps like search engines are very reliant on coding techniques but business apps are not. So, if you are building a business app, get a good signed agreement and don't worry so much about your code. Worry more about securing the copyright to the design part.
 

zeroaccess

Active member
Local time
Today, 04:01
Joined
Jan 30, 2020
Messages
658
It depends how your business is set up, but here's what I do:
  1. Database resides on an internal (government) network
  2. Database is .accde - no one has the .accdb except for me
  3. This .accde is locked down - bypass is disabled, ribbon is disabled, options menu is disabled, right-click menus are disabled
  4. The database allows access only via the login form based on your user name from your computer login - there are no passwords to manage - and you have to be on the list to pass the login
  5. Front and back end databases are hidden on the network with active directory and folder permissions are only granted to users, narrowing the number of people who have access by 95%
  6. Back end is encrypted if any of this small pool of people finds it - and these are users, not hackers
  7. If you wanted you could employ other schemes...
For all intents and purposes, the only way in is through social engineering of the db admin himself (me), which ain't happening, folks. By the way I like dark chocolate ;)
 

Users who are viewing this thread

Top Bottom