Securing Database

[adrienne_r30]

This is sort of a big question.
I have a database (obviously) that I would like to make very secure. I do not want to have to create front end and back ends though (my client doesn't want that). I tried creating different users, my clients name as username and then a password, and made them just a data entry user, but the tables/queries/etc. were still visible and changeable. I know I can hide them in the current database options, but then they can just change that back if they wanted. I do not want them to see ANY behind the scene work, just the forms(I still need my job ). Can anyone give me some suggestions.

Thanks so much.

 

[JLCantara]

Bonjour Adrienne!

Since MS stupidly abandoned there highly sophisticated system of security for Access, I see this question pops up regularly. I have set up a solution that, I thing, works 100% (uhhhhh ). I will test it thoroughly today and make it available to the people of this forum; should be available tomorrow.
It is way more complicated then you thing... By the way, what version of Access are you using? My solution will work with 2007 and 2013.

Good luck, JLCantara.

 

[adrienne_r30]

I am using 2003 right now for a client, but I usually use the most up-to-date version

 

[The_Doc_Man]

Adrienne - It has been our general experience here that a split FE/BE is safer for all concerned, and not only for security reasons.

When you share the FE/only file, you are exposing your user to EVERY LOCK taken out by the Access program for EVERY ELEMENT that gets locked. Which turns out to be a lot more than you might imagine. Using a shared back-end, private front-end configuration drastically reduces lock competition, particularly if one form is more commonly used than others.

Here is your conundrum, and it has been true since Access 97. (Yes, I've worked with Access that long.) If your users can see the tables and queries, you are NOT secure. If your users can see the navigation facilities, you are NOT secure.

I won't tell you what to do about security the files. I will tell you that you must first reach an agreement with your customer regarding the effects of having unsecured database files that expose design elements and file locks to your user base. Once you have resolved that question, then you can go forward. This forum has a LOT of topics you can search (including some of mine and many from other members) regarding how to secure databases. But until you have a strategy AND a buy-in from your customers, talking about securing your DB is putting the cart before the horse.

 

[JLCantara]

Hi Adrienne,

I am late, here it's a big holiday weekend, and my web connexion flunked!!!
I have added some sophistication to my solution and it works well!!!
I cannot test it though: my version of Access, coming with Office 365, refuse to encode app... Of course MS cannot help!!!
By the way, you cannot achieve any form of security if you don't split your system.

Good luck, JLCantara.