|
web
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How To Create Login Password Protected DatabaseI have to go home and read up on Access. But, I have read else-where in this newsgroup that I can just save the password in the database under scrutiny. Wouldn't it be wasteful to create a password column for all database entries? E.G.: Entry 1: password field1 ... fieldn .... Entry M:password field1 ... fieldn Note: For security reasons (unless I have to), I do not want to hardcode passwords in VB 8, or save encryted passwords in a text file.. Thanks, Christopher Lusardi Access supports workgroup security files. This allows you to create users,
groups and assign security to the database objects even at the field level. Once the workgroup file is setup, you can then provide a simple interface in your application to prompt the user for the login information. The security will be much like that of SQL or Oracle once implemented. Have a look at http://office.microsoft.com/en-us/assistance/HP030704101033.aspx <clusard***@aol.com> wrote in message Show quoteHide quote news:1146595429.398482.20170@g10g2000cwb.googlegroups.com... > Hello again, > > I have to go home and read up on Access. > > But, I have read else-where in this newsgroup that I can just save the > password in the database under scrutiny. > > Wouldn't it be wasteful to create a password column for all database > entries? > > E.G.: > > Entry 1: password field1 ... fieldn > ... > Entry M:password field1 ... fieldn > > Note: For security reasons (unless I have to), I do not want to > hardcode passwords in VB 8, or save encryted passwords in a text file.. > > Thanks, > Christopher Lusardi > IMHO, the security on Access is very weak because the security file can be
deleted and the database can be exposed to anyone. Show quoteHide quote "AMDRIT" wrote: > Access supports workgroup security files. This allows you to create users, > groups and assign security to the database objects even at the field level. > Once the workgroup file is setup, you can then provide a simple interface in > your application to prompt the user for the login information. The security > will be much like that of SQL or Oracle once implemented. > > Have a look at > http://office.microsoft.com/en-us/assistance/HP030704101033.aspx > > > <clusard***@aol.com> wrote in message > news:1146595429.398482.20170@g10g2000cwb.googlegroups.com... > > Hello again, > > > > I have to go home and read up on Access. > > > > But, I have read else-where in this newsgroup that I can just save the > > password in the database under scrutiny. > > > > Wouldn't it be wasteful to create a password column for all database > > entries? > > > > E.G.: > > > > Entry 1: password field1 ... fieldn > > ... > > Entry M:password field1 ... fieldn > > > > Note: For security reasons (unless I have to), I do not want to > > hardcode passwords in VB 8, or save encryted passwords in a text file.. > > > > Thanks, > > Christopher Lusardi > > > > > AverageUser wrote:
> IMHO, the security on Access is very weak because the security file can be What can I do about this? If I throw away VB and use Access directly> deleted and the database can be exposed to anyone. would that be better, or should I use something such as Oracle? Thank you, Christopher Lusardi Every lock has a lockpick. Access' security file is good enough. LAN
deployments are reasonably safe, just like pending deposits your accountants manage. It would be more secure than a CSV file. If you are that concerned about the security, create a webservice or remoting service and put the server in a NOC, or move to a major RDBMS. I don't think that security should be the main focus with Access. Rather, file locks on Novell servers, or data contention and disaster recovery should be the main focus. More about that security file. If you attempt to open the MDB without the security file, you will recieve an error. The only way I suppose you could bypass the security file, is to modify the header of the database itself. Absense of the security file is the same as absense of your key on the way back from vacation; there may be another way in, most people wont try it. Show quoteHide quote "AverageUser" <AverageU***@discussions.microsoft.com> wrote in message news:29161250-4C8E-4381-BFE4-FE5F390501F2@microsoft.com... > IMHO, the security on Access is very weak because the security file can be > deleted and the database can be exposed to anyone. > > "AMDRIT" wrote: > >> Access supports workgroup security files. This allows you to create >> users, >> groups and assign security to the database objects even at the field >> level. >> Once the workgroup file is setup, you can then provide a simple interface >> in >> your application to prompt the user for the login information. The >> security >> will be much like that of SQL or Oracle once implemented. >> >> Have a look at >> http://office.microsoft.com/en-us/assistance/HP030704101033.aspx >> >> >> <clusard***@aol.com> wrote in message >> news:1146595429.398482.20170@g10g2000cwb.googlegroups.com... >> > Hello again, >> > >> > I have to go home and read up on Access. >> > >> > But, I have read else-where in this newsgroup that I can just save the >> > password in the database under scrutiny. >> > >> > Wouldn't it be wasteful to create a password column for all database >> > entries? >> > >> > E.G.: >> > >> > Entry 1: password field1 ... fieldn >> > ... >> > Entry M:password field1 ... fieldn >> > >> > Note: For security reasons (unless I have to), I do not want to >> > hardcode passwords in VB 8, or save encryted passwords in a text file.. >> > >> > Thanks, >> > Christopher Lusardi >> > >> >> >> I think I'll store hashed passwords in a database and keep a backup of
the database. Chris What is it that you want to protect, really, and from whom?
clusard***@aol.com wrote: Show quoteHide quote > Hello again, > > I have to go home and read up on Access. > > But, I have read else-where in this newsgroup that I can just save the > password in the database under scrutiny. > > Wouldn't it be wasteful to create a password column for all database > entries? > > E.G.: > > Entry 1: password field1 ... fieldn > ... > Entry M:password field1 ... fieldn > > Note: For security reasons (unless I have to), I do not want to > hardcode passwords in VB 8, or save encryted passwords in a text file.. > > Thanks, > Christopher Lusardi > 
Other interesting topics
Re: making datareaders
Substring question Support for multiple database General Question About Web Apps, VB/ASP? Create Registry Entry On Install. How do you launch a vbscript within vb.net? myMAPISession.SignOn() VB2005 Short address pointer msmapi32.ocx Accessing existing Excel Workbook from complete path |
|||||||||||||||||||||||
