Printable Version of Topic

Click here to view this topic in its original format

UtterAccess Forums _ Access Security _ Custom Login + Password Protect

Posted by: dzoker Feb 26 2019, 09:19 AM

Hi All,

I have a database (split) for which I use a custom Log In (VBA). Is there a way to to use the native access "Encrypt with Password" option together with a custom log in (where all users have username and password) w/o being asked for the encryption password and then "my" credentials (username & password)?

ty

Posted by: GroverParkGeorge Feb 26 2019, 10:02 AM

No.

If your Access database application has two different passwords, you'll need to ask your users to supply two different passwords.

That said, perhaps there is a workaround, although I can't think of one off the top of my head at the moment.

Posted by: theDBguy Feb 26 2019, 11:10 AM

Hi. If the intent is to encrypt the BE but not bother the users to enter the encryption password because you'll be authenticating them using your own login system, then the workaround is probably vPPC. It's a system developed by some of our experts here at UA (Brent was one of them) where you can use an encrypted backend without exposing the password to the user. Unfortunately, I don't have a good link to provide at the moment.

Posted by: nvogel Feb 26 2019, 11:47 AM

It's a poor idea to invent your own login mechanism. If role-based security is important to you then don't use ACE as your database engine. Use SQL Server or another SQL DBMS, all of which have single-signon, role-based security as standard.

Posted by: pere_de_chipstick Feb 26 2019, 12:00 PM

Hi

Depending on what you need your security for, - Access is not the most secure db available and in some circumstances Access cannot be used where security is important.

However, you can encrypt the BE with a password which is stored in the Front End (FE), without having to encrypt the FE. When a user logs on, the FE can interrogate the BE to check the users password and, if valid would allow the use to log on.

This is not foolproof as, with this method, the BE password can be found in one of the system tables in the FE. Also you should take steps to prevent (as far as possible) users accessing the BE tables through the Front End. (e.g by forcing the user to go though a start up routine and inhibiting the 'ByPass key'

The vPPC method, which theDBguy refers to, removes the BE password from the system tables in the Front End. It involves creating two BE files, both having an identical table structure, but one with no data and no password. The FE initially links to the unprotected files and, once linked, the FE is closed and the unprotected file is replaced with the password protected file. When the FE subsequently opens it opens a persistent recordset using the BE password, which is stored within a VBA module in the FE. The FE should then only ever be distributed as an accde to help prevent users accessing the password by opening up the VBA modules.

hth

Posted by: DanielPineault Feb 26 2019, 01:26 PM

QUOTE
vPPC ... Unfortunately, I don't have a good link to provide at the moment.


Come on theDBguy! pullhair.gif ohyeah.gif




All kidding aside, a while back (looking at the date, its actually been a few years now - feeling old all of a sudden dazed.gif ) I was searching everywhere for this and every single link I could find no longer work. Thankfully, Alan was kind enough to provide me with a copy which I've made available to everyone.

http://www.devhut.net/2016/09/01/securing-your-ms-access-database-front-end/ there's a download available at the end of the post.

Posted by: dzoker Feb 26 2019, 01:30 PM

Thank you all for your answers/help. I kind of knew this was going to be complicated but wanted to give it a shot. uarulez2.gif

QUOTE
Depending on what you need your security for, - Access is not the most secure db available and in some circumstances Access cannot be used where security is important.

It's not that much of a security concern but just those kind of nosey users that think they"know Access!!" and try to poke around.

Thank you all! cheers.gif

Posted by: dzoker Feb 26 2019, 01:31 PM

DanielPineault,

Thank you! I'll give it a look