Results 1 to 11 of 11
  1. #1
    New Lounger
    Join Date
    Mar 2002
    Location
    Ohio, USA
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Is there a easy way to keep a database from being copied? We run Access 2003. The database has no security on it. The subdirectory is accessable to only my unit, but some folks are coping it and using the copies instead of the master. If I put a password on it, it doesn't keep it from being copied, only opening it up. If a few people know the password as the database is used 24/7, I think it would only be a matter of days before that became worthless. Any ideas?

  2. #2
    Gold Lounger
    Join Date
    Jun 2001
    Location
    Crystal Beach, FL, Florida, USA
    Posts
    3,436
    Thanks
    1
    Thanked 34 Times in 34 Posts
    [quote name='Penny' post='780667' date='19-Jun-2009 13:28']Is there a easy way to keep a database from being copied? We run Access 2003. The database has no security on it. The subdirectory is accessable to only my unit, but some folks are coping it and using the copies instead of the master. If I put a password on it, it doesn't keep it from being copied, only opening it up. If a few people know the password as the database is used 24/7, I think it would only be a matter of days before that became worthless. Any ideas?[/quote]
    It sounds as if you just have a single database rather than a split frontend/backend situation. I'd suggest you split it. Users will work with the frontend only, so copying it won't involve copying the data. And you can put the backend db somewhere on a server such that it is not easily found.
    Mark Liquorman
    See my website for Tips & Downloads and for my Liquorman Utilities.

  3. #3
    Super Moderator
    Join Date
    Aug 2001
    Location
    Evergreen, CO, USA
    Posts
    6,623
    Thanks
    3
    Thanked 60 Times in 60 Posts
    [quote name='Penny' post='780667' date='19-Jun-2009 11:28']Is there a easy way to keep a database from being copied? We run Access 2003. The database has no security on it. The subdirectory is accessable to only my unit, but some folks are coping it and using the copies instead of the master. If I put a password on it, it doesn't keep it from being copied, only opening it up. If a few people know the password as the database is used 24/7, I think it would only be a matter of days before that became worthless. Any ideas?[/quote]In addition to Mark's suggesstion, which I would do immediately, you might want to implement Access User Security. That way each user can be assigned their own password, and you can determine who is editing what records if that is of interest. If the users are copying the database, then you defeat the idea of being able to see all of the data, which is what databases are all about.
    Wendell

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    Access requires that users have full permissions (read/write/create/delete) on the folder containing the database, and this applies to both the frontend and backend if you use a split database design. So users can always copy the database. If they know the password (whether a database password or a user-level login password), they will be able to work with the copy...

  5. #5
    3 Star Lounger
    Join Date
    Mar 2009
    Location
    Hong Kong
    Posts
    359
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='HansV' post='780702' date='20-Jun-2009 05:34']Access requires that users have full permissions (read/write/create/delete) on the folder containing the database, and this applies to both the frontend and backend if you use a split database design. So users can always copy the database. If they know the password (whether a database password or a user-level login password), they will be able to work with the copy...[/quote]
    Hi HansV,
    Is it plausible to set up a OnTimer event to periodically verify and alter the passwords?
    Is there any practical solution to keep high-value Access database from the wrong hands?
    Armstrong

  6. #6
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    [quote name='armsys' post='780708' date='20-Jun-2009 00:11']Is there any practical solution to keep high-value Access database from the wrong hands?[/quote]
    Don't allow anybody to use the database. As soon as someone can use the database, even if it is rigourously protected, they can make a screenshot, then use an OCR program to convert the screenshot to editable text...

  7. #7
    3 Star Lounger
    Join Date
    Mar 2009
    Location
    Hong Kong
    Posts
    359
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='HansV' post='780710' date='20-Jun-2009 06:19']Don't allow anybody to use the database. As soon as someone can use the database, even if it is rigourously protected, they can make a screenshot, then use an OCR program to convert the screenshot to editable text...[/quote]
    The OCR thing (sounded like the Firewall scheme http://firewallmovie.warnerbros.com/) isn't the core issue here.
    Rather it's the application, meant for commercial distribution, such as Inventory, Litigation, and Customer Support. Can I obtain the serial number of the CPU from Access VBA and delete the tables if unmatched?
    Armstrong

  8. #8
    Super Moderator
    Join Date
    Jun 2002
    Location
    Mt Macedon, Victoria, Australia
    Posts
    3,993
    Thanks
    1
    Thanked 45 Times in 44 Posts
    [quote name='Penny' post='780667' date='20-Jun-2009 05:28']Is there a easy way to keep a database from being copied? We run Access 2003. The database has no security on it. The subdirectory is accessable to only my unit, but some folks are coping it and using the copies instead of the master. If I put a password on it, it doesn't keep it from being copied, only opening it up. If a few people know the password as the database is used 24/7, I think it would only be a matter of days before that became worthless. Any ideas?[/quote]

    If your database is not split (and I agree that it should be) then CurrentProject.FullName returns the full path and filename of the database being used.

    You could include some code that checked this, and if it is not the right value, display a message and exit the database immediately. I would put this in the onload event of the startup form.
    (if you ever move or rename the database you would need to remember to update this code.)
    Regards
    John



  9. #9
    3 Star Lounger
    Join Date
    Mar 2009
    Location
    Hong Kong
    Posts
    359
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='johnhutchison' post='780741' date='20-Jun-2009 13:20']If your database is not split (and I agree that it should be) then CurrentProject.FullName returns the full path and filename of the database being used.

    You could include some code that checked this, and if it is not the right value, display a message and exit the database immediately. I would put this in the onload event of the startup form.
    (if you ever move or rename the database you would need to remember to update this code.)[/quote]
    Hi John,
    Thanks for your idea. Yours is definitely a doable solution.
    BTW, could an Access runtime database be easily decompiled by ordinary users?
    Armstrong

  10. #10
    Super Moderator
    Join Date
    Jun 2002
    Location
    Mt Macedon, Victoria, Australia
    Posts
    3,993
    Thanks
    1
    Thanked 45 Times in 44 Posts
    [quote name='armsys' post='780742' date='20-Jun-2009 16:28']BTW, could an Access runtime database be easily decompiled by ordinary users?
    Armstrong[/quote]

    I don't know anything about decompiling, so I don't think it could be decompiled by ordinary users, but maybe by unusually skilled users.

    Another security measure I have used is to put a file with a specific name in a specific place on any computer allowed to use the database, and check for the presence of that file at startup. In this case, there is No Explanation if the file is not found. You are just immediately booted out.

    I am waiting for the day the people who look after the computers at this site forget about this, and come asking about the strange behaviour when someone gets a new computer. But it has not happened in over 5 years.
    Regards
    John



  11. #11
    3 Star Lounger
    Join Date
    Mar 2009
    Location
    Hong Kong
    Posts
    359
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='johnhutchison' post='780747' date='20-Jun-2009 13:48']I don't know anything about decompiling, so I don't think it could be decompiled by ordinary users, but maybe by unusually skilled users.

    Another security measure I have used is to put a file with a specific name in a specific place on any computer allowed to use the database, and check for the presence of that file at startup. In this case, there is No Explanation if the file is not found. You are just immediately booted out.

    I am waiting for the day the people who look after the computers at this site forget about this, and come asking about the strange behaviour when someone gets a new computer. But it has not happened in over 5 years.[/quote]
    Thanks for sharing your anti-piracy measures.
    Armstrong

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •