Solved

Password and Username

Posted on 2003-11-08
8
306 Views
Last Modified: 2010-05-01
I am using an ADO data control to connect to my MS SQL Database.
I use the following connection string:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master

Is it a good practise to specify the password and usename to my database as specified above. Will it cause my application to be not secure. Please include your suggestions, comments, examples and etc.

Your help is kindly appreciated.

Regards
Eugene
0
Comment
Question by:eugene007
  • 5
  • 3
8 Comments
 
LVL 3

Accepted Solution

by:
NBrownoh earned 35 total points
ID: 9709188
it depends on who has access to your computer and the databse.  If the computer or program is being used by people who you might not want to have authority to add/edit/delete records then i would password the databse.  If its just you or just poeple who are authorized to edit the databse then i wouldnt worry about it too much.

If you plan on having unauthed users running this program i wouldnt hard code the password in, i would prompt for it.
0
 

Author Comment

by:eugene007
ID: 9709208
If you were to prompt the use for the username and pws, how would u store it. will it be encrypted if it was stored in a variable, and the used  in:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709217
just declare a private var in your routine that runs that sql query.  the only way anyone could touch it would be if you declared a global or stored it in a class module.  A private variable will be perfectly safe.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:eugene007
ID: 9709220
My database is password protected just as stated bellow:

Provider=sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709228
ok this is what i mean

Private Sub YourSub()
    Dim Pass As String
    TPass$ = InputBox("Please input a password to connect to the database.", "Password Prompt")
    If TPass$ <> "" And TPass$ <> "mama" Then
        Provider = "sqloledb;Network Library=DBMSSOCN;Password=mama;Persist Security Info=True;User ID=sa;Data Source=127.0.0.1;Initial Catalog=master"
    Else
        MsgBox "Your password was incorrect"
        Exit Sub
    End If
    'run the rest of your connection code here
End Sub
0
 

Author Comment

by:eugene007
ID: 9709230
Is there chances for someone to intercept the password and username on the network.
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709235
with that example there really wouldnt be, and in any sense who would be trying to intercept the message?  I would be worried more about the database being hacked rather than someone trying to pull it out of a sub that runs for a fraction of a second.
0
 
LVL 3

Expert Comment

by:NBrownoh
ID: 9709262
glad i could help you out :)
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I’ve seen a number of people looking for examples of how to access web services from VB6.  I’ve been using a test harness I built in VB6 (using many resources I found online) that I use for small projects to work out how to communicate with web serv…
Introduction While answering a recent question about filtering a custom class collection, I realized that this could be accomplished with very little code by using the ScriptControl (SC) library.  This article will introduce you to the SC library a…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question