User Level Security

this is a good idea, but I have some smart users that know how to access the database itself without the shortcut.  How do I account for that security?

Thanks for your help.

I always disable the Shift key for my apps (so the user can't press the shift key to bypass the autoexec) and under Tools/Startup I uncheck all the options except for Allow Full Menus. I also uncheck the box for displaying the database window.  I then place code on the OnClose procedure for the main form (and any others that apply) that checks the Environ username.  If it is not equal to my username, the application quits.  I also create a 'backdoor' that allows me to enter a password somewhere on the form.  The same OnClose code checks for that password as well.  Therefore, if the user isn't me and if the user doesn't know the existence of the backdoor (and the password), the application will exit.

Oops!  Make that the OnLoad event.  I forgot that you don't want users to be able to access the application.  I use the same code in the OnClose event to prevent users from accessing the database window.  Question:  don't you have some kind of network security you can use to prevent 'unauthorized' access to your database(s)?  Or perhaps I have misunderstood the intent of your question...

You don't need EXTENSIVE VB to do this.  What you want to do is create a form for entering a username and password.  Set this form as the start-up form.  Disable all shortcut and default menus.  Create a table with usernames and passwords for your users.  In the password field, set the Input Mask to 'Password'.  Put a command button on the start-up form and for the OnClick event, place code similar to this (just change the variables for your situation):

Private Sub Command4_Click()
    Dim dbs As Database, rst As Recordset, sql As String
    'Me.VerPW is a text box on the form user enters password
    'Me.uName is a text box on form user enters username
    sql = "SELECT UserName, pWord FROM UsersTbl;"
    Set dbs = CurrentDb
    Set rst = dbs.OpenRecordset(sql)
    Do While Not rst.EOF
        If Me.uName = rst("UserName") Then
            If Me.VerPW = rst("pWord") Then
                'The user is in at this point
            Else: MsgBox "Password incorrect"
                Exit Sub
            End If
        End If
        rst.MoveNext
    Loop
    MsgBox "Username not found"
    Exit Function
End Sub

This is the very basic code.  You will want to spice it
up a bit, but this is the answer to .mdb-specific security
without using the .mdw workgroup admin method.

I disagree. If you actually want your database to be secure, you'll need to use Access' built-in security. The process for setting that up is not exceedingly difficult and involves no coding. I have a step-by-step process I can e-mail you, if you like. The key, as enite said, is to establish a second workgroup file (mdw). Then you'll have one secure "version" of Access and another "unsecure" version that anyone can use. *And* this approach will prevent anyone from accessing your database in any way: through Explorer, via importing or linking to your tables, any way. The other comments above only provide security if a user tries to enter your database directly.

Access' built-in security can be a headache.  We try not to use it unless the user explicitly requests it.  I've created some of the 'lock-down' methods I outlined earlier.  By using the Environ$("username") to check for a specific username, you can prevent users from opening the database even through Explorer (I just tested it with one of my users and she was unable to open the database.)  

One additional comment -- if you do use Access security as brewdog suggests, you then have the task of maintaining two database files.  I guess it boils down to what you want to do most (or should I say least!) in the way of maintenance for your application.

One additional comment -- if you do use Access security as brewdog suggests, you then have the task of maintaining two database files.  I guess it boils down to what you want to do most (or should I say least!) in the way of maintenance for your application.

Actually jkpcs had the answer I was looking for.  Go ahead and take the points jkpcs.  Sorry it took me so long, I was getting an error when I attempted to connect to this forum.

I do have security on my server but unfortunately this certain location has a few people that are in the same group, and rather then creating a new group I much rather have a userlevel security ate the db level.  

About people possibly linking to the tables, all you need to do is change the property to hide the tables.  You cant link to a hidden table and if you are not the owner of the db you cant change the property back nor click on the show hidden object feature.

something is strange with EE here . . . I posted a comment on Monday that isn't showing up. Anyway, what I said was:

as enite says, if you want real security, you'll have to go with Access' model. What the other comments will do is help provide some sort of "security" if someone tries to open your database directly, but it won't do anything if they try to import data, etc. If you set up Access security well, users *will not* be able to do anything to the database that you don't want them to.

I have a step-by-step security handout I can send you, rb982996, if you like. Just post your e-mail address if you'd like a copy. (It's in Word 97 format.)

This is mainly a comment re: the display of comments.  Seems like some are missing here for this particular question as well as double display for those comments that ARE shown.  What's going on?