Results 1 to 4 of 4
  1. #1
    3 Star Lounger
    Join Date
    Nov 2001
    Location
    Sydney, New South Wales, Australia
    Posts
    216
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Security Concerns (2K-SR2)

    I am pondering over the real usefulness of database security. To put it bluntly, what good is it if all one has to do is either join a different workgroup or delete the workgroup file? Am I missing something here?

    Nick

  2. #2
    Super Moderator
    Join Date
    Aug 2001
    Location
    Evergreen, CO, USA
    Posts
    6,624
    Thanks
    3
    Thanked 60 Times in 60 Posts

    Re: Security Concerns (2K-SR2)

    I have to disagree with Jon on this one - Access security is a VERY powerful tool if it is done correctly. We've used it for nearly 10 years, and nearly always implement it on databases with more than one or two users. It allows you to control who can do what, and it also allows you to track who did what to whom with a bit of code to store who made that most recent changes. (If you are running a SQL Server backend, this is of less value, as it will do this sort of thing for you using triggers, which are not dependent on making changes from forms.) And in 10 years, we have never seen a database that was corrupted because of using security. You do run the risk of not being able to access your database if you don't keep very good track of how users are registered, but that's just a good computing practice. I should also note that the entire security model can be manipulated in VBA if you want to create something of a commercial application and not have users messing with the security tools. As to your question about joining a different workgroup, if the database has been properly secured, you have to have a valid login and password in that workgroup, or you cannot access the database. And deleting the workgroup file assures you of not being able to access the database at all. Go through the Microsoft white papers in some detail, and then try using the Security Wizard to completely secure a database and I think you'll see what I mean.
    Wendell

  3. #3
    Plutonium Lounger
    Join Date
    Dec 2000
    Location
    Sacramento, California, USA
    Posts
    16,775
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Security Concerns (2K-SR2)

    I'm with Wendell on this issue. All of the commercial products we distribute use Access security. If you're the only one using the database, then it's a waste of time. If several people are going to use it or you want to keep nosy users from destroying your database for you, learn how to implement Access security properly. It is NOT bonehead simple and you have to work at it, but it is well worth the effort, both to secure your application and to avoid reinventing the wheel by creating your own "security" system.
    Charlotte

  4. #4
    Silver Lounger GARYPSWANSON's Avatar
    Join Date
    Aug 2001
    Location
    Frederick, Maryland, USA
    Posts
    1,788
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Re: Security Concerns (2K-SR2)

    ... I was recently pondering the same question and Charlotte and others provided some good ideas. To bypass the Workgroup Information File (depending on how secure you need the database to be), save the database as a .MDE and set a database password. The database password is not stored in the workgroup information file and the .MDE prevents the code from being viewed as well as prevents changes the design of certain objects. As stated, there are other ways to better secure the database, however, the .MDE and Database password served my needs.
    Regards,

    Gary
    (It's been a while!)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •