Securing the back end of your database

[Essendon]

Hi,

I have been looking into MSACCESS security for the first time today. I have made a little test database that I open with a shortcut that looks like this:

"C:\Program Files\Microsoft Office\Office10\MSACCESS.EXE" /wrkgrp "C:\Database\test.mdw" "C:\Database\test.mdb"

That is working fine and I am happy with that.

Next I split the database by moving some tables to a new backend mdb and set up link tables in my original mdb which we can now call the front end. Everything works fine, but there is no security whatsoever on the backend db. I can simply open the backend mdb by itself and view/change whatever I want.

Is there a way I can secure my new back end with the same users/groups/permissions as the front end? I have tried making a separate mdw file for the backend, but that means my link tables don't work. Could someone please give me some ideas.

Thanks in advance,

Peter

P.S. I now have separate folders for the front end (C:\Database\Front End\) and the back end (C:\Database\Back End\).

 

[Autoeng]

Read the Microsoft Security Faq herehttp://support.microsoft.com/default.aspx?scid=/support/access/content/secfaq.asp

There have been several post here about this subject

search for backend security

http://www.access-programmers.co.uk...?s=&threadid=40109&highlight=backend+security

Autoeng

 

[ray147]

I am having the same issue...I'd like to secure my back-end by putting in the database password but then the linked tables from the front end doesn't work...

i saw the VBA code that opens the database with the password, but i can;t figure out where to put that..since I'm just opening the front end database and the tables are linked ...so i'm not essentially opening the backend currently...where do i put that VBA code, or how?

or maybe is there another better way of securing the backend? I'm running on Citrix server and the IT support people said that workgroups are not utilised on the system, in fact I can't access workgroup information.

Another question is how can I secure the front end from not allowing the users to hold the Shift Key and double-click on the file to open it in full permissions and bypass the Startup (Tools Menu...Startup) routine ? and can I make my VBA code password-protected ?

I know that's a lot of questions here..but all are related

many thanks

 

[iangirven]

securing a db

Please find atached a copy of a sample I have used for some basic security for a db.

This uses a popup form with unbound text boxes for the user to enter their ID and a password. VB Code then checks through the personal table to look for matching details. if a match is found entry is allowed.

As for disabling the bypass key i use teh following code.

Private Sub Form_Open(Cancel As Integer)
DoCmd.Maximize

ChangeProperty "StartupForm", dbText, "SYSTEMENTRY"
ChangeProperty "StartupShowDBWindow", dbBoolean, True
ChangeProperty "StartupShowStatusBar", dbBoolean, False
ChangeProperty "AllowBuiltinToolbars", dbBoolean, True
ChangeProperty "AllowFullMenus", dbBoolean, True
ChangeProperty "AllowBreakIntoCode", dbBoolean, False
ChangeProperty "AllowSpecialKeys", dbBoolean, True
ChangeProperty "AllowBypassKey", dbBoolean, False
End Sub

hope this helps

regards

ian

 

[ghudson]

If your back end has an open database password... You need to delete the table links in the front end, then relink the tables to the back end. Access will ask you for the password when you relink the tables and then store it within the table links [but the user will not see it nor will they be prompted for it].

 

[Digby]

Ghudson I love you, sorry people, I thought I would need a whole load of code but you have just made me very very happy, this means that no one can import my back end data! Wo hooooooo lol sorry im about to get up and dance around my office!

 

[ghudson]

You are welcome.

Just be warned that there are freebie password hacking tools that can easily break the on open database password. Access security which uses a custom workgroup and user permissions is more secure and the hacking tools floating around to break Access workgroup security are not free.

 

[Digby]

Its to go on a goverment sys.

I have pretty much computer iliterate user and even admin dont know the diff between access and excel!!!!

But all the computers are owned by NHS, and they have IT, im not worried about them getting to the tables as they work for the comp and they are not stupid enough, but if i have some little pesky that wants to fuck things up it will stop him, im easily the most comp lit. person there and I do not know anything about breaking passwords so not too worried! lol

 

[Johnvandamme]

Great to see how technics can make people happy