Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Password and Username

Posted on 2003-11-08
8
Medium Priority
?
325 Views
Last Modified: 2010-05-01
I am using an ADO data control to connect to my MS SQL Database.
I use the following connection string:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master

Is it a good practise to specify the password and usename to my database as specified above. Will it cause my application to be not secure. Please include your suggestions, comments, examples and etc.

Your help is kindly appreciated.

Regards
Eugene
0
Comment
Question by:eugene007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 3

Accepted Solution

by:
NBrownoh earned 140 total points
ID: 9709188
it depends on who has access to your computer and the databse.  If the computer or program is being used by people who you might not want to have authority to add/edit/delete records then i would password the databse.  If its just you or just poeple who are authorized to edit the databse then i wouldnt worry about it too much.

If you plan on having unauthed users running this program i wouldnt hard code the password in, i would prompt for it.
0
 

Author Comment

by:eugene007
ID: 9709208
If you were to prompt the use for the username and pws, how would u store it. will it be encrypted if it was stored in a variable, and the used  in:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709217
just declare a private var in your routine that runs that sql query.  the only way anyone could touch it would be if you declared a global or stored it in a class module.  A private variable will be perfectly safe.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:eugene007
ID: 9709220
My database is password protected just as stated bellow:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709228
ok this is what i mean

Private Sub YourSub()
    Dim Pass As String
    TPass$ = InputBox("Please input a password to connect to the database.", "Password Prompt")
    If TPass$ <> "" And TPass$ <> "mama" Then
        Provider = "sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master"
    Else
        MsgBox "Your password was incorrect"
        Exit Sub
    End If
    'run the rest of your connection code here
End Sub
0
 

Author Comment

by:eugene007
ID: 9709230
Is there chances for someone to intercept the password and username on the network.
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709235
with that example there really wouldnt be, and in any sense who would be trying to intercept the message?  I would be worried more about the database being hacked rather than someone trying to pull it out of a sub that runs for a fraction of a second.
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709262
glad i could help you out :)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most everyone who has done any programming in VB6 knows that you can do something in code like Debug.Print MyVar and that when the program runs from the IDE, the value of MyVar will be displayed in the Immediate Window. Less well known is Debug.Asse…
When designing a form there are several BorderStyles to choose from, all of which can be classified as either 'Fixed' or 'Sizable' and I'd guess that 'Fixed Single' or one of the other fixed types is the most popular choice. I assume it's the most p…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question