Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 713
  • Last Modified:

Protecting a BackEnd

I've got a split database residing on a network drive. The front end is copied locally onto each user's computer. I tried protecting the backend database with a password, but when I did, the frontend didn't have access, a box came up with a wrong error message. Where do I assign the password in the frontend? I tried the Security Wizard, but I didn't follow the instruction closely, since I was locked out completely. (Fortunately, I backed up everything before running the Wizard!) How can I protect the backend?
0
horalia
Asked:
horalia
  • 3
  • 2
  • 2
  • +2
1 Solution
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
Did you use the database password, or did you run the Security Wizard and implement User Level Security?
0
 
Eric FlammSenior ConsultantCommented:
I just create an AutoExec macro that Closes the application - so if someone double-clicks the back-end, it pops open and closes again. I also have a function sitting in a separate mdb that sets AllowBypassKey to false, so users can't hold down shift to get around the AutoExec. Of course, I also have a routine to enable the Bypass Key for maintenance purposes.

This won't prevent someone from linking to the tables in the backend - I don't know if there's a way to prevent new links from being established without screwing up the ones you need in the front-end.

-ef
0
 
Eric FlammSenior ConsultantCommented:
Tools-Security-Set Database Password in Access XP - need to have exclusive database access to set or clear the password - but this would only protect the front-end, not the back-end.

-ef
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
ahmedbahgatCommented:
if you give the admin account within the security file used "NO Access to all the tables", you have logically protected the backend

this will not allow anyone using any other security file, from reading, linking to the backend, they can copy it but they can not read it, unless they use the same security file and they have a valid account with the right access

using a databse password, autoexec macro, or disabling the shift button will offer no protection


cheers
0
 
Gustav BrockCIOCommented:
First, you cannot really protect the backend without Access security. And even then, this can easily be cracked by utilities available for a few dollars.
However, to just keep out the naughty user, the backend database password is easy and fast to apply.
How to save and reuse the password without a dialog with the user, visit this link:

http://www.experts-exchange.com/Databases/MS_Access/Q_21105826.html

/gustav
0
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
I tend to disagree with most people in regards to Access User Level Security ... if properly applied, and if you make use of Windows security in conjunction with it, then you've got a pretty good security scheme, but gustav is correct in regards to utilities available to crack your security. Of course, the same warning applies to ANY protection scheme for ANY product - if man can make it, man can break it. It's just a matter of desire.

Your security scheme depends entirely on your needs. Do you just want to make it difficult for the casual user to get in? Then apply the db password, rebuild the links between your frontend and backend (supplying the backend password when needed) and go from there. To make it more difficult, apply User Level Security. Next step - apply Windows security (assuming your tables are on an NT-style box, that is). Next step - allow data access ONLY through RWOP queries and disallow ALL access to tables. Next step - encrypt the data. Next step - migrate your data to a true client/server style db (like MSSQL) because you've gone as far as you can go with Access.

0
 
horaliaAuthor Commented:
I don't want users to get into the backend part of my application. Most users at my company do not use Access and I don't think that they would be able to bypass some of Access security features, but since I'm distributing the application to more groups, there will be more users and much more of a chance that information may be corrupted. I'll relink my tables and protect the backend, and go from there. I have applied User Level Security, but that only pertains to the form. Thanks!
0
 
horaliaAuthor Commented:
I linked the tables to my frontend, but I didn't see an option to place set a password for the backend. Where do I do this?
0
 
horaliaAuthor Commented:
OK, I was linking a backend that didn't have a password. That takes care of this problem.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

  • 3
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now