|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Can i require password from operating system for mdb file to open?Can i limit an access mdb file to a given set of machines by loading into the
machines a password that the mdb file looks for before opening so that it will not work on other machines? The idea is that a user would not be able to make a copy of the file and instal it on another machine. Nothing can stop someone from copying an Access file to another computer.
After all, it's a file like any other. However, you can implement security into your mdb files so that people with the appropriate usernames and passwords can run it. Show quoteHide quote "abelinthecommunity" wrote: > Can i limit an access mdb file to a given set of machines by loading into the > machines a password that the mdb file looks for before opening so that it > will not work on other machines? The idea is that a user would not be able to > make a copy of the file and instal it on another machine. Thanks for your reply Ray.
It is because i know that people can and, for backing up needs, are making copies of both the front end and the data file that i want to ensure that even those with current user passwords cannot then use the information in the files on another machine. That is why i thought about a password that is put in the operating system and only the boss of my customers company knows that password. This may not be the best way so i am open to other ideas. What do you think? Show quoteHide quote "Ray" wrote: > Nothing can stop someone from copying an Access file to another computer. > After all, it's a file like any other. However, you can implement security > into your mdb files so that people with the appropriate usernames and > passwords can run it. > > "abelinthecommunity" wrote: > > > Can i limit an access mdb file to a given set of machines by loading into the > > machines a password that the mdb file looks for before opening so that it > > will not work on other machines? The idea is that a user would not be able to > > make a copy of the file and instal it on another machine. abelinthecommunity wrote:
> Thanks for your reply Ray. My standard advice on this...> > It is because i know that people can and, for backing up needs, are > making copies of both the front end and the data file that i want to > ensure that even those with current user passwords cannot then use > the information in the files on another machine. That is why i > thought about a password that is put in the operating system and only > the boss of my customers company knows that password. This may not be > the best way so i am open to other ideas. What do you think? If you need to protect data from non-users use network security. If you need to protect data from users then it should not be in an MDB file. There is no protection for an MDB that a few minutes on the internet and a few dollars won't defeat. -- Rick Brandt, Microsoft Access MVP Email (as appropriate) to... RBrandt at Hunter dot com I agree with Rick, Access has an excellent security model but it's not
bulletproof. Remember, this is a database designed for the PC, not a server. The only other option I could think of is to put a database password in the data file and only you and your application should know this password. That way users can link to it using the application and if they try to open the data file they can't because they won't know the password. But this is worse that user-level security because once they break the database password, they have access to everything. Like Rick said, a few bucks and a quick search on the internet can easily break the database password. That's why I use user-level security, it's better than a mere database password. I'm not a network expert but isn't there a way to prevent people from copying files? perhaps you can talk to a network specialist and have him prevent copying or deleting your files. Ray Show quoteHide quote "abelinthecommunity" wrote: > Thanks for your reply Ray. > > It is because i know that people can and, for backing up needs, are making > copies of both the front end and the data file that i want to ensure that > even those with current user passwords cannot then use the information in the > files on another machine. That is why i thought about a password that is put > in the operating system and only the boss of my customers company knows that > password. This may not be the best way so i am open to other ideas. What do > you think? > > "Ray" wrote: > > > Nothing can stop someone from copying an Access file to another computer. > > After all, it's a file like any other. However, you can implement security > > into your mdb files so that people with the appropriate usernames and > > passwords can run it. > > > > "abelinthecommunity" wrote: > > > > > Can i limit an access mdb file to a given set of machines by loading into the > > > machines a password that the mdb file looks for before opening so that it > > > will not work on other machines? The idea is that a user would not be able to > > > make a copy of the file and instal it on another machine. Actually, I have a way that might solve some problems.
First you create a small database that you can have users put in their computer. That database can be your portal. "Push here to enter database" and have a command button that closes that database and opens the main one. You can add a dll (dynamic linking library) module in there that pulls the log in name of the person accessing the database the opening database. Than you can create a table with the usernames and security level they want (I usually use Admin for everyone who is supposed to have access to it). On the opening form you could put a label that reads, "Push here to enter database" and have a command button that closes that database and opens the main one. Than you can create 2 modules. One for verifying the username and the other for verifying the security level. If the username matches one of the usernames on the list than you can you can press the button and have it link to your main database. If your username doesn't match you can have a message box that pops up and says "Access denied". You can shift lock the first database so no one can get in through the back way and keep your main database hidden where only you know where it is. This way everyone can have what they think is the database on their desktop but in reality won't have anything but a door. It seems like a lot of work, but it will do what you want. Ray wrote: Show quoteHide quote >I agree with Rick, Access has an excellent security model but it's not >bulletproof. Remember, this is a database designed for the PC, not a server. >The only other option I could think of is to put a database password in the >data file and only you and your application should know this password. That >way users can link to it using the application and if they try to open the >data file they can't because they won't know the password. > >But this is worse that user-level security because once they break the >database password, they have access to everything. Like Rick said, a few >bucks and a quick search on the internet can easily break the database >password. That's why I use user-level security, it's better than a mere >database password. > >I'm not a network expert but isn't there a way to prevent people from >copying files? perhaps you can talk to a network specialist and have him >prevent copying or deleting your files. > >Ray > >> Thanks for your reply Ray. >> >[quoted text clipped - 15 lines] >> > > will not work on other machines? The idea is that a user would not be able to >> > > make a copy of the file and instal it on another machine. "SpecProjAnalyst" <u26936@uwe> wrote in message news:66a21d74af4f2@uwe... Here is a major flaw in your cunning plan ;-)> Than you can > create a table with the usernames and security level they want Keith. Nah, because this database is username protected. You could also do some
coding so that you do not need a table but recognizes security privilages based on username. Besisdes if the database is shift key disabled, no one will be able to make it into the back end of the database to modify the table unless they can re-enable the shift key. :-P Keith Wilby wrote: >> Than you can >> create a table with the usernames and security level they want > >Here is a major flaw in your cunning plan ;-) > >Keith. -- Message posted via AccessMonster.com http://www.accessmonster.com/Uwe/Forums.aspx/access-security/200609/1 "SpecProjAnalyst via AccessMonster.com" <u26936@uwe> wrote in message news:66ab8b14f2d8b@uwe...> Nah, because this database is username protected. You could also do some Can be all very easily defeated. Adding a layer of complexity doesn't make > coding so that you do not need a table but recognizes security privilages > based on username. Besisdes if the database is shift key disabled, no one > will be able to make it into the back end of the database to modify the > table > unless they can re-enable the shift key. :-P > it more secure. Keith. Hi Ray
On the front end i have hidden the menu bar and database window, disabled the bypass key and set my own shortcut menu. The company do not want users to have to log in and out as they use each others machines regularly so they each have passwords to the parts only they can use. Do i understand from what you say that hackers can somehow open the file using another application and edit the code so that my protections can be overidden? Is that why you advocate creating an mde file? The backend is password protected but some employees have the password. If they should leave the company then they are quite likely to have recent copies of the backend which would still have the password they know. The idea here is to prevent either the front end or backend from opening on their own machine. What do you think of my idea as set out in my reply to SpecProjAnalyist? Thanks for your support Abel Show quoteHide quote "Ray" wrote: > I agree with Rick, Access has an excellent security model but it's not > bulletproof. Remember, this is a database designed for the PC, not a server. > The only other option I could think of is to put a database password in the > data file and only you and your application should know this password. That > way users can link to it using the application and if they try to open the > data file they can't because they won't know the password. > > But this is worse that user-level security because once they break the > database password, they have access to everything. Like Rick said, a few > bucks and a quick search on the internet can easily break the database > password. That's why I use user-level security, it's better than a mere > database password. > > I'm not a network expert but isn't there a way to prevent people from > copying files? perhaps you can talk to a network specialist and have him > prevent copying or deleting your files. > > Ray > > "abelinthecommunity" wrote: > > > Thanks for your reply Ray. > > > > It is because i know that people can and, for backing up needs, are making > > copies of both the front end and the data file that i want to ensure that > > even those with current user passwords cannot then use the information in the > > files on another machine. That is why i thought about a password that is put > > in the operating system and only the boss of my customers company knows that > > password. This may not be the best way so i am open to other ideas. What do > > you think? > > > > "Ray" wrote: > > > > > Nothing can stop someone from copying an Access file to another computer. > > > After all, it's a file like any other. However, you can implement security > > > into your mdb files so that people with the appropriate usernames and > > > passwords can run it. > > > > > > "abelinthecommunity" wrote: > > > > > > > Can i limit an access mdb file to a given set of machines by loading into the > > > > machines a password that the mdb file looks for before opening so that it > > > > will not work on other machines? The idea is that a user would not be able to > > > > make a copy of the file and instal it on another machine. There is a way that you can lock the database so it cannot be opened on the
back-end and requires a password before opening. Is this what you want to do? abelinthecommunity wrote: Show quoteHide quote >Can i limit an access mdb file to a given set of machines by loading into the >machines a password that the mdb file looks for before opening so that it >will not work on other machines? The idea is that a user would not be able to >make a copy of the file and instal it on another machine. Hello SpecProjAnalyst
The backend is password protected but the front end is open to all employees of the company. On the front end the menu bar and database window are hidden and the bypass key is disabled so parts of the database are password protected where necessary. Some employees have the password to the backend and the purpose of this exercise is to prevent employees taking home copies of either front or back ends and being able to open them or pass them on to competitors. I have designed a system with a bit of code that looks for the existence of another file. If that file is present then the database opens without fuss. If it is absent then the database file simply shuts down the application with no warning or options. Only the boss and myself need to know the existence of this process as it requires no password. I think it will do the job but would like to hear thoughts from others. Thanks Show quoteHide quote "SpecProjAnalyst" wrote: > There is a way that you can lock the database so it cannot be opened on the > back-end and requires a password before opening. Is this what you want to do? > > abelinthecommunity wrote: > >Can i limit an access mdb file to a given set of machines by loading into the > >machines a password that the mdb file looks for before opening so that it > >will not work on other machines? The idea is that a user would not be able to > >make a copy of the file and instal it on another machine. > > I programmed something like a few years ago and it worked alright. I had an
issue one time when the people I designed the datase for accidently deleted the file during one of her "purges". It is a good idea as long as back-ups are made. abelinthecommunity wrote: Show quoteHide quote >Hello SpecProjAnalyst > >The backend is password protected but the front end is open to all employees >of the company. On the front end the menu bar and database window are hidden >and the bypass key is disabled so parts of the database are password >protected where necessary. Some employees have the password to the backend >and the purpose of this exercise is to prevent employees taking home copies >of either front or back ends and being able to open them or pass them on to >competitors. > >I have designed a system with a bit of code that looks for the existence of >another file. If that file is present then the database opens without fuss. >If it is absent then the database file simply shuts down the application with >no warning or options. Only the boss and myself need to know the existence of >this process as it requires no password. I think it will do the job but would >like to hear thoughts from others. > >Thanks > >> There is a way that you can lock the database so it cannot be opened on the >> back-end and requires a password before opening. Is this what you want to do? >[quoted text clipped - 3 lines] >> >will not work on other machines? The idea is that a user would not be able to >> >make a copy of the file and instal it on another machine. 
Other interesting topics
|
|||||||||||||||||||||||
