jcolby at colbyconsulting.com
jcolby at colbyconsulting.com
Tue Jul 22 12:02:56 CDT 2003
hold down the alt key and type in the three digit ascii value should "insert" the special character. John W. Colby www.colbyconsulting.com -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Michael Brosdorf Sent: Tuesday, July 22, 2003 11:48 AM To: Access Developers discussion and problem solving Subject: AW: [AccessD] Lost Security-Hacking Actually, if you have the MDW-file, you can get all passwords stored in there. The makers of the product I have also offer hacking of an MDB WITHOUT the MDW file as a 'service'. Maybe this will protect a database that absolutely requires an MDW-file (virtually every multi-user application) a little better: 1. Create a new user account 'dev' in the database and make it the owner of all objects 2. Develop the application using that account 3. Before distributing the MDW-file: delete that user account completely. All other accounts should be somewhat restricted to design view objects (I did not test that - just a thought...) Just as an interesting fact: There is a tool called TurboLister that can be used to create ebay auctions very easy (it is directly from ebay and it is free!). It apparently uses an MDB file to store it's data. That file is password protected. The tool displays the password, but it does not work. It looks like they used some special characters in the password that cannot be entered directly using the keyboard. I'd be curious to know how that works... Michael -----Ursprungliche Nachricht----- Von: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com]Im Auftrag von Charlotte Foust Gesendet: Dienstag, 22. Juli 2003 17:28 An: Access Developers discussion and problem solving Betreff: RE: [AccessD] Lost Security-Hacking That would be for the database/application file password, not for passwords within Access security. Charlotte Foust -----Original Message----- From: Erwin Craps [mailto:Erwin.Craps at ithelps.be] Sent: Monday, July 21, 2003 10:03 PM To: Access Developers discussion and problem solving Subject: RE: [AccessD] Lost Security-Hacking Please note that you can buy a simple tool to hack any password of Access, word, excel and other shelf apps... I bought it myself about two yaers ago for a legitimate reason.... I does not cist much... -----Oorspronkelijk bericht----- Van: Arthur Fuller [mailto:artful at rogers.com] Verzonden: dinsdag 22 juli 2003 7:16 Aan: 'Access Developers discussion and problem solving' Onderwerp: RE: [AccessD] Lost Security-Hacking Let's assume that cracking the target is worth $10K US (actually pretty soon $10K CDN will be worth more :-), but let's ignore currency and deficit issues. I know two dozen hackers who would devote a week for such a score, and none is older than 19. You wouldn't believe the cracks they have offered me. I don't know whether they found them or whether they know crackers in other countries who offered them the cracks free, but nothing is safe. Give a 19-year-old geek a gorgeous hooker for a night and you'd be surprised what he will offer you back. A. -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Martin Reid Sent: July 21, 2003 4:08 PM To: Access Developers discussion and problem solving Subject: [AccessD] Lost Security-Hacking Just out of interest How many could hack a secured Access database? Martin _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com