Protecting a BackEnd

I've got a split database residing on a network drive. The front end is copied locally onto each user's computer. I tried protecting the backend database with a password, but when I did, the frontend didn't have access, a box came up with a wrong error message. Where do I assign the password in the frontend? I tried the Security Wizard, but I didn't follow the instruction closely, since I was locked out completely. (Fortunately, I backed up everything before running the Wizard!) How can I protect the backend?
horaliaAsked:
Who is Participating?
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Connect With a Mentor Infotrakker SoftwareCommented:
I tend to disagree with most people in regards to Access User Level Security ... if properly applied, and if you make use of Windows security in conjunction with it, then you've got a pretty good security scheme, but gustav is correct in regards to utilities available to crack your security. Of course, the same warning applies to ANY protection scheme for ANY product - if man can make it, man can break it. It's just a matter of desire.

Your security scheme depends entirely on your needs. Do you just want to make it difficult for the casual user to get in? Then apply the db password, rebuild the links between your frontend and backend (supplying the backend password when needed) and go from there. To make it more difficult, apply User Level Security. Next step - apply Windows security (assuming your tables are on an NT-style box, that is). Next step - allow data access ONLY through RWOP queries and disallow ALL access to tables. Next step - encrypt the data. Next step - migrate your data to a true client/server style db (like MSSQL) because you've gone as far as you can go with Access.

0
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
Did you use the database password, or did you run the Security Wizard and implement User Level Security?
0
 
Eric FlammSenior ConsultantCommented:
I just create an AutoExec macro that Closes the application - so if someone double-clicks the back-end, it pops open and closes again. I also have a function sitting in a separate mdb that sets AllowBypassKey to false, so users can't hold down shift to get around the AutoExec. Of course, I also have a routine to enable the Bypass Key for maintenance purposes.

This won't prevent someone from linking to the tables in the backend - I don't know if there's a way to prevent new links from being established without screwing up the ones you need in the front-end.

-ef
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Eric FlammSenior ConsultantCommented:
Tools-Security-Set Database Password in Access XP - need to have exclusive database access to set or clear the password - but this would only protect the front-end, not the back-end.

-ef
0
 
ahmedbahgatCommented:
if you give the admin account within the security file used "NO Access to all the tables", you have logically protected the backend

this will not allow anyone using any other security file, from reading, linking to the backend, they can copy it but they can not read it, unless they use the same security file and they have a valid account with the right access

using a databse password, autoexec macro, or disabling the shift button will offer no protection


cheers
0
 
Gustav BrockCIOCommented:
First, you cannot really protect the backend without Access security. And even then, this can easily be cracked by utilities available for a few dollars.
However, to just keep out the naughty user, the backend database password is easy and fast to apply.
How to save and reuse the password without a dialog with the user, visit this link:

http://www.experts-exchange.com/Databases/MS_Access/Q_21105826.html

/gustav
0
 
horaliaAuthor Commented:
I don't want users to get into the backend part of my application. Most users at my company do not use Access and I don't think that they would be able to bypass some of Access security features, but since I'm distributing the application to more groups, there will be more users and much more of a chance that information may be corrupted. I'll relink my tables and protect the backend, and go from there. I have applied User Level Security, but that only pertains to the form. Thanks!
0
 
horaliaAuthor Commented:
I linked the tables to my frontend, but I didn't see an option to place set a password for the backend. Where do I do this?
0
 
horaliaAuthor Commented:
OK, I was linking a backend that didn't have a password. That takes care of this problem.
0
All Courses

From novice to tech pro — start learning today.