is Access secure? --access Security QA Detailed

access| Security | security | detailed
is Access secure? --access Security QA Detailed







is Access secure? --access Security QA Detailed


Many friends in the MDB file when they encounter security issues about access, here is a Q & a way to answer your questions:

Q mdb I use [start] all the options are False, with the cover form to start, the same workgroup users do not authorize the table can not be modified, but he could build another empty database, import or link to modify, how to prevent? Please enlighten me!

A first, you should use the MS Access Workgroup Administrator program to create your own MDW files, such as NEWSYSTEM.MDW, and then create a new account such as Newadmin, the default is Amdin and, for example, the Guest account number, Then set the password for each account. Then log in as a newadmin account, establish a database, or import a table or form from an existing database for development. Set the security for the database. In addition to the Newadmin account, all the groups and users to the database open permissions are blocked, other permissions should also be screened off. It's safe to say so. This opens the database can only be associated with the newly created MDW file and can be opened using a Newadmin account. However, the actual application should also establish a running software account, such as newuser, (preferably not with the default "user" account, so associated to system. MDW can be entered, even if you set the password is not safe, because copy a new system. MDW can be associated as well. Will newuser account to each table's permission corresponding setting, can read and write, cannot modify the design, can only run to the form, in short it is used to run. Masks all permissions that can be modified. In this case, development and operation is two accounts, but the new problem is if this is given to the user, then the user must know NewUser account password, so the data is not safe, so you should also use VB or Delphi to make a condom, the simplest to write a sentence, run the database on the line Like what:



Strrunshell = "C:\Program Files\Microsoft Office\Office\MSACCESS. Exe/nostartup "
Strrunshell = Strrunshell & "/wrkgrp c:\newSystem.mdw c:\pinewood.mde/user newuser/pwd yourpassword"
RetVal = Shell (Strrunshell, vbMaximizedFocus)




Of course, this is just a meaning, in this condom can write something else, such as check whether access is installed, the path is not right, is not registered and so on. (Attached: Use another database that has been compiled as an MDE file to achieve the same effect)

Q User security Group I also used, but I mean the security mainly for internal personnel, outside the master such as Lin, do not talk about security.
Access has a fatal problem (perhaps I won't use it yet), its security performance can only be used in the current security-enabled database, the user's new database is useless, users only need to log in to access with his account, create a new *. MDB, the link function can be linked to the table of the back-end database (or front-end database can also be, because the front-end database table is linked to the back-end database table, he is nothing more than a link), he just read the contents of the table, you can arbitrarily modify.
In fact, Microsoft changed access to the security mechanism for all of the database rather than the current database, we do not have to worry about some of the first buddies, as we use the security mechanism is to prevent these internal users of illegal modification, destruction.
So we need access system-level security or Office Developer Edition also help

A wrong and wrong, "users only need to log in to access with his account, create a new *." MDB, the link function can be linked to the table of the back-end database (or front-end database can also be, because the front-end database table is linked to the back-end database table, he is nothing more than a link), he just read the contents of the table, you can arbitrarily modify. ”
This is the wrong word! If access's security is really like what Bro said, the ones I'm posting may be empty. You may not have practiced as I said. Actually, it wouldn't be like that, because I'm a newly created system file (that is, the MDW file), associated to the new system file to create the database, and the open permission of this database can only be made by the fixed user I specified, such as NewUser, so others, No matter what system files are associated with, you can't use a new database connection, and if that's the case, access would have been obsolete!
If you do not believe I can make a database sent to you to see if you can open. I began to use Access in 1997 to do development, I have completed a variety of databases I have to test repeatedly, you say that if you can, I would have accumulated dozens of of others to develop the database I want to break down ....

Q The foolish brother still does not understand:
The younger brother in the article refers to the user is refers to the internal operator, I also did many tests:
Example: I set up a database of security mechanisms, system to create a MDW file, I set a new read-only workgroup and a normal user (no administrator), the system's user groups do not set any permissions, and then quit Access, choose a new MDW file, with that ordinary user login, create a new file, You can then import and link the previous database with the security mechanism.

A You may not have read my post carefully, but in fact, the help of Access has a more detailed description, very detailed. But in order to make you understand, I would like to list a stupid step, bro do not mind, I also read a fool-like help to become wiser.
1, first use the Access installation directory under the WRKGADM.EXE program to create your own MDW file. Then the association.
2, login into Access, the default is admin users, casually set up an MDB, modify the Admin user password, set up a new account, such as Pinewood, as my future management into use, and then establish a newuser, for my future users. (You can not create any groups)
3, the landing, to Pinewood Landing, and then modify the password, that is, the empty password modified. Repeat for NewUser account.
4, to Pinewood Landing, build you need to develop the database MDB source file, name such as Mycode after saving to the security settings. Security settings you should know where it is, in the menu. Block all admin and Guest permissions on Mycode, and note that any permissions, whether new or new, or open permissions on the database, are removed. All permissions on the database are then blocked for all groups. cannot be omitted. If the user group does not block its permissions, admin and guest belonging to this group can open the database.
5, then the pinewood to the database permissions to set, of course, should be all permissions have. To set the NewUser permissions, of course, all tables, inquiries, etc. in addition to modify the design permissions, read and write permissions should be, open the database should have the right to run the permissions should have. In short, this account is for users.
6, then do the development, set up table forms and so on. You've already done that, so import it in. But at this time your database is safe, others can not get anything from the Mycode. Unless you know the password.
7, after the development should be separated from the database, not only do you do it, and then let the background MDB database as safe. The foreground program is then compiled as an MDE file.
8, do an EXE file, I said in other posts, simple use of NewUser account to open the database EXE file. Is for your users, so they can use the database in addition to using this EXE, there is no other way.
9, and then put the MDB to the server side, MDE and MDW and EXE published to users. Of course the association between an MDE and an MDB is established and debugged beforehand. What to do with programming is needless to say.
10, it is enough to do here, for the very need for security developers are there are still some work to do. Please refer to my other posts. "Attention" said a few. Those problems are used by nature, unused or useless. Which problem to solve which, bro think?

Q my God?!! Do I have to copy three files simultaneously, MDB & mdw & EXE??? ...
Do not say that VB EXE can be very convenient to decompile, do not others will not put the MDW file first deleted, and then open the MDB file?
If Access's security is limited to this, it's really called "total security."
Another question, do I need a more "safe" approach? The first two ways of saying that only a little bit of computer knowledge can be solved.

A for file sharing, the server side only needs to install the MDB database, and the client needs to install the EXE, MDW, and MDE files.
Attention:
1, is an MDE file, not an MDB, the database should be placed on the back end, and the MDE file is compiled, efficient, and even if the password is cracked will not reveal the source code.
2, if the user deleted the MDW file, then simply can not access the database, if not my mdw file can access my MDB file, then I talk about what security.
3, EXE file may not need to use VB,VC, BC, Delphi can, and then VB5 version of the above I have not heard can be decompile, also did not find the corresponding tools.
4, the current crack Access database user-level security password tools are also many, however, the user of the MDW file can be processed, so that even if the mdw file can be cracked, you cannot get permission to use the MDE source program file MDB, let alone the MDE source program file MDB He was simply unable to get, Because it's not published at all. Nowhere to be, unless your computer is free to use. So the program is certainly safe, the data security of the database is relatively safe, but it is sufficient.
Http://www.access911.net Webmaster Collection