Solved

Protecting a BackEnd

Posted on 2004-08-25
9
706 Views
Last Modified: 2012-06-21
I've got a split database residing on a network drive. The front end is copied locally onto each user's computer. I tried protecting the backend database with a password, but when I did, the frontend didn't have access, a box came up with a wrong error message. Where do I assign the password in the frontend? I tried the Security Wizard, but I didn't follow the instruction closely, since I was locked out completely. (Fortunately, I backed up everything before running the Wizard!) How can I protect the backend?
0
Comment
Question by:horalia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 85
ID: 11898443
Did you use the database password, or did you run the Security Wizard and implement User Level Security?
0
 
LVL 8

Expert Comment

by:Eric Flamm
ID: 11898444
I just create an AutoExec macro that Closes the application - so if someone double-clicks the back-end, it pops open and closes again. I also have a function sitting in a separate mdb that sets AllowBypassKey to false, so users can't hold down shift to get around the AutoExec. Of course, I also have a routine to enable the Bypass Key for maintenance purposes.

This won't prevent someone from linking to the tables in the backend - I don't know if there's a way to prevent new links from being established without screwing up the ones you need in the front-end.

-ef
0
 
LVL 8

Expert Comment

by:Eric Flamm
ID: 11898447
Tools-Security-Set Database Password in Access XP - need to have exclusive database access to set or clear the password - but this would only protect the front-end, not the back-end.

-ef
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Expert Comment

by:ahmedbahgat
ID: 11898560
if you give the admin account within the security file used "NO Access to all the tables", you have logically protected the backend

this will not allow anyone using any other security file, from reading, linking to the backend, they can copy it but they can not read it, unless they use the same security file and they have a valid account with the right access

using a databse password, autoexec macro, or disabling the shift button will offer no protection


cheers
0
 
LVL 51

Expert Comment

by:Gustav Brock
ID: 11901844
First, you cannot really protect the backend without Access security. And even then, this can easily be cracked by utilities available for a few dollars.
However, to just keep out the naughty user, the backend database password is easy and fast to apply.
How to save and reuse the password without a dialog with the user, visit this link:

http://www.experts-exchange.com/Databases/MS_Access/Q_21105826.html

/gustav
0
 
LVL 85

Accepted Solution

by:
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 11901937
I tend to disagree with most people in regards to Access User Level Security ... if properly applied, and if you make use of Windows security in conjunction with it, then you've got a pretty good security scheme, but gustav is correct in regards to utilities available to crack your security. Of course, the same warning applies to ANY protection scheme for ANY product - if man can make it, man can break it. It's just a matter of desire.

Your security scheme depends entirely on your needs. Do you just want to make it difficult for the casual user to get in? Then apply the db password, rebuild the links between your frontend and backend (supplying the backend password when needed) and go from there. To make it more difficult, apply User Level Security. Next step - apply Windows security (assuming your tables are on an NT-style box, that is). Next step - allow data access ONLY through RWOP queries and disallow ALL access to tables. Next step - encrypt the data. Next step - migrate your data to a true client/server style db (like MSSQL) because you've gone as far as you can go with Access.

0
 

Author Comment

by:horalia
ID: 11908301
I don't want users to get into the backend part of my application. Most users at my company do not use Access and I don't think that they would be able to bypass some of Access security features, but since I'm distributing the application to more groups, there will be more users and much more of a chance that information may be corrupted. I'll relink my tables and protect the backend, and go from there. I have applied User Level Security, but that only pertains to the form. Thanks!
0
 

Author Comment

by:horalia
ID: 11908414
I linked the tables to my frontend, but I didn't see an option to place set a password for the backend. Where do I do this?
0
 

Author Comment

by:horalia
ID: 11908537
OK, I was linking a backend that didn't have a password. That takes care of this problem.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Code that checks the QuickBooks schema table for non-updateable fields and then disables those controls on a form so users don't try to update them.
Learn how to number pages in an Access report over each group. Activate two pass printing by referencing the pages property: Add code to the Page Footers OnFormat event to capture the pages as there occur for each group. Use the pages property to …
With Microsoft Access, learn how to start a database in different ways and produce different start-up actions allowing you to use a single database to perform multiple tasks. Specify a start-up form through options: Specify an Autoexec macro: Us…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question