[AccessD] Database Needs Password Protection

Jim Lawrence accessd at shaw.ca
Mon Apr 26 13:22:11 CDT 2010 

Hi Rocky:

At the end of the day, if the user requires complete standard level of
security they will have to go with a different BE... a real SQL like MS SQL,
Oracle or MySQL or something like that. (I was just saying exactly that to a
potentially new municipal government client this morning. (What a
coincidence?!) We will be moving all the queries to procedures with
parameteres (no sequel script passing allowed) on their Oracle DB which they
already have in place).

Otherwise your client will just have to accept the potential and limits of
MS Access.

Jim

  

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Monday, April 26, 2010 10:55 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Database Needs Password Protection

I could but 1) there may be more than one BE that a user wants to link to,
2) the client will want to be able to change the password without me having
to recode the FE and send an update, 3) users of the app currently can move
the BE wherever they want to and relink through the FE utility. 

So the PW would need to be stored outside the FE.  This could be done in a
password mdb residing in the same folder with the BE, but then they also
have the ability to move the BE where they want it - like they want to do a
'what if' so they copy the BE to their local drive, rename it and link to it
to do their 'what if'. No end of trouble here.  

At the moment, I'm pressing the client for exactly what their security
requirements are to see if I can't get him to reduce the requirement or buy
off on it completely.  As I say, all other clients to this point are in
environments where they're not concerned about people going into the back
end ad hoc and making changes. 

Rocky

More information about the AccessD mailing list