|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Logon screen issues & how secure is a password stored inside an MDE file?Access 2003), but find it slightly irritating that the standard User-Level Security logon screen appears in front of a background of the normal Access database window, complete with all the normal menus and toolbar icons (all of which are irrelevant to my users). Essentially, I want to disguise the fact that Access has anything to do with my application (the end users are not interested in the tools I used to create it). A reply from Jeff Conrad to an archived thread from this newsgroup suggests that a possible solution is to create an additional unsecured 'front-front-end' database that contains a simple modal popup form triggered at startup that contains fields for entering username and password, with the opening of the real secured front-end being done by the underlying code. The only issue is that if the user mistypes their details, then all future logon attempts would use the normal logon screen. I would deployed this front-front-end as an MDE file. It occurred to me that if I did initial username and password checking in my front-front-end, then an invalid combination would never be used for opening the secured database and therefore the normal logon screen would never be seen. Two questions arise, 1. Are there better ways to create a bespoke logon screen? 2. Are usernames and passwords securely stored within an MDE file? David Does no one have any answers to either of my two questions?
David Show quote "David Anderson" <PLSdcanderson88@REMOVEhotmail.FIRSTcom> wrote in message news:ua9RJgiHIHA.1324@TK2MSFTNGP06.phx.gbl... >I have a secured Access 2000 front-end database (soon to be upgraded to >Access 2003), but find it slightly irritating that the standard User-Level >Security logon screen appears in front of a background of the normal Access >database window, complete with all the normal menus and toolbar icons (all >of which are irrelevant to my users). Essentially, I want to disguise the >fact that Access has anything to do with my application (the end users are >not interested in the tools I used to create it). > > A reply from Jeff Conrad to an archived thread from this newsgroup > suggests that a possible solution is to create an additional unsecured > 'front-front-end' database that contains a simple modal popup form > triggered at startup that contains fields for entering username and > password, with the opening of the real secured front-end being done by the > underlying code. The only issue is that if the user mistypes their > details, then all future logon attempts would use the normal logon screen. > I would deployed this front-front-end as an MDE file. > > It occurred to me that if I did initial username and password checking in > my front-front-end, then an invalid combination would never be used for > opening the secured database and therefore the normal logon screen would > never be seen. > > Two questions arise, > 1. Are there better ways to create a bespoke logon screen? > 2. Are usernames and passwords securely stored within an MDE file? > > David > "David Anderson" <PLSdcanderson88@REMOVEhotmail.FIRSTcom> wrote in message Possibly why no-one has responded is that perhaps it's a little overkill. I news:ua9RJgiHIHA.1324@TK2MSFTNGP06.phx.gbl... > > Two questions arise, > 1. Are there better ways to create a bespoke logon screen? quite happily tolerate an Access "flash" before the logon box comes up. If you don't want any menus or toolbars then why not disable them in the startup options? If your users aren't interested then they probably won't care about the "flash" anyway :-) > 2. Are usernames and passwords securely stored within an MDE file? As securely as a file-based application can be. It can be broken so you > have to do a risk assessment. Regards, Keith. www.keithwilby.com Hi Keith,
Obviously there is nothing vital about my preference for seeking a 'cleaner' look for a logon screen. It is just that, a preference rather than a need. I didn't quite follow your suggestion to disable menus and toolbars. My application already disables all standard menus and toolbars, but such settings do not yet apply at the point when the standard User-Level Security logon screen appears. How do you eliminate menus and toolbars at this stage? David Show quote "Keith Wilby" <h***@there.com> wrote in message news:473876ff$1_1@glkas0286.greenlnk.net... > "David Anderson" <PLSdcanderson88@REMOVEhotmail.FIRSTcom> wrote in message > news:ua9RJgiHIHA.1324@TK2MSFTNGP06.phx.gbl... >> >> Two questions arise, >> 1. Are there better ways to create a bespoke logon screen? > > Possibly why no-one has responded is that perhaps it's a little overkill. > I quite happily tolerate an Access "flash" before the logon box comes up. > If you don't want any menus or toolbars then why not disable them in the > startup options? If your users aren't interested then they probably won't > care about the "flash" anyway :-) > >> 2. Are usernames and passwords securely stored within an MDE file? >> > > As securely as a file-based application can be. It can be broken so you > have to do a risk assessment. > > Regards, > Keith. > www.keithwilby.com  |
|||||||||||||||||||||||
Other interesting topics