Database Password does not work with Split Database

[Konrad Stoudenmire]

We want to put a database password on our Access 2000
database. I've set the same password on the backend file
that has all of the tables as well as the front end file.
When I try to access these tables through the front end, I
get a window that states "Not a valid password". When I
try to relink the tables, I get the same error. According
to the Access 2000 help file, when I try to relink the
tables or when I just try and access them through the
front end, I should get a password prompt. This is not
happening. If I load the back end file separately, I do
get the password prompt.

Why is this happening, and what can I do to fix this
problem? User level security is not an option as it is
easily bypassed.

Konrad

 

[Lynn Trapp]

User level security is not an option as it is

easily bypassed.

A database password is much easier to crack than user level security.

 

[Joan Wild]

We want to put a database password on our Access 2000
database. I've set the same password on the backend file
that has all of the tables as well as the front end file.
When I try to access these tables through the front end, I
get a window that states "Not a valid password". When I
try to relink the tables, I get the same error. According
to the Access 2000 help file, when I try to relink the
tables or when I just try and access them through the
front end, I should get a password prompt. This is not
happening. If I load the back end file separately, I do
get the password prompt.

Why is this happening, and what can I do to fix this
problem? User level security is not an option as it is
easily bypassed.

Not as easy as the database password. But, if you want to overcome the
issue, you need to delete the links and then recreate them - you'll then be
prompted for the backend password.

 

[Konrad Stoudenmire]

I must have done something wrong when we tried the user
level security. When I installed the front-end to our
database on another machine for the first time, I forgot
to say where the SYSTEM.MDW file was at. It didn't even
prompt for a user or password and gave full access. How
can you prevent this, because it seems that if the
database is physically moved, the user level security is
worthless. From what I could tell, if the SYSTEM.MDW file
is missing, there isn't any user-level security.

Konrad

 

[Joan Wild]

If it didn't prompt for a username/password, and you were even able to open
it, then you missed a step in securing it. That's actually a good test to
see if you did it right - you shouldn't be able to open the database unless
using the correct mdw.

You missed a step somewhere. You shouldn't use the wizard in 2000 as it
doesn't do the job. You can follow the step-by-step I've outlined at
www.jmwild.com/AccessSecurity.htm

 

[Guest]

Please see my reply to the next message regarding the user
level security - because that is what I preferred but
didn't have good results.

Konrad

 

[Guest]

I will do. I did use the wizard, so that is probably the
problem. We are very concerned with securing our Access
database as it contains customer information that we would
hate for a disgruntled employee to copy and give to a
competitor. I saw a post on here somewhere mentioning a
program that would hack the Access database password. Is
it that easy to hack the user-level security? Any other
recommendations?

Thanks,
Konrad

 

[Joan Wild]

We are very concerned with securing our Access
database as it contains customer information that we would
hate for a disgruntled employee to copy and give to a
competitor. I saw a post on here somewhere mentioning a
program that would hack the Access database password. Is
it that easy to hack the user-level security? Any other
recommendations?

User level security can also be hacked by the determined. If you search the
internet, you'll find tools to get the usernames/passwords out of the mdw.

You can secure your mdb, but then ship it with a different mdw than the one
used to secure it. Although it is possible to break security without the
mdw, you won't find many tools to do the job.

The fact is that Access is a file-based system. Users need access to the
file in order to use it; therefore they can hack into it.

You can do a lot to hide things, but the determined can get in.

If you are that concerned about security, you would choose a server database
system, like SQL Server.