Solved

Pass through query encrypt password

Posted on 2008-11-03
6
931 Views
Last Modified: 2012-06-22
I have an application with many pass-through queries with the password saved in the odbc connection.  

How do i prevent the user from being able to see the password.  

thanks

dave
0
Comment
Question by:david_88
  • 3
  • 3
6 Comments
 
LVL 34

Expert Comment

by:jefftwilley
ID: 22868267
Hi dave,
The connection string is kept in the mSysObjects table which is a system table. Just make sure you disable shift keys in your database and hide the mSysObjects table. A savy user may still be able to query the table to see the data. In that case, you can create the connection strings in code when you link the tables and either code in the credentials or mask them in a data table using Access's Password masking feature.
J
0
 

Author Comment

by:david_88
ID: 22868439
sounds good i have found a link to dsable the shift key

how do i hide the msSysobjects table i cant see this table anyaway ?

thanks

dave
0
 
LVL 34

Expert Comment

by:jefftwilley
ID: 22869438
Its a setting option under Tools/Options. Hide System Objects.

Remember, anything stored in a table in access is available via query. So the only real security you can have when it comes to passwords is either to store them in a Password formatted field, or code them.

Access wasn't' built to be bulletproof...so there is some risk in just hiding objects.

If you code the credentials, you can create a mde out of the DB and your users won't be able to get to the code.

Hope this helps.
J
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:david_88
ID: 22874430
well it needs to be relativley secure as it has access to important tables which i dont want people running any query they want on the orders table.

i have 2 apps with about 20 pass-through query's in total what would be the best method to make this secure.  I dont mind either of the 2 options you have mentiond

dave
0
 
LVL 34

Accepted Solution

by:
jefftwilley earned 500 total points
ID: 22878279
When you set up your connection string, you use code correct?

example:

        sConn = "ODBC;"
        sConn = sConn & "DSN=" & rsDatabaseInfo!DSN & ";"
        sConn = sConn & "APP=Microsoft Access;"
        sConn = sConn & "DATABASE=" & rsDatabaseInfo!DBName & ";"
        sConn = sConn & "UID=" & rsDatabaseInfo!UID & ";"
        sConn = sConn & "PWD=" & rsDatabaseInfo!PWD & ";"

Any/all of the fields above can be stored in your table as encrypted data.

When you disable the Shift keys and the Tools Menu when your app opens, a user wouldn't be able to make the System objects visible to modify them. When you create a .mde out of your databases, the user is not able to get to the actual code. That's about as secure as you can get with Access.
J
0
 

Author Closing Comment

by:david_88
ID: 31512747
yeah have gone with this idea as i can see alot of benefits

cheers
dave
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you are entering numbers in a speadsheet, and don't remember what 6×7 is, you just type “=6*7" instead. It works in every cell! This is not so in Access. To enter the elusive 42 in a text box, you have to find a calculator, and then copy the re…
In a multiple monitor setup, if you don't want to use AutoCenter to position your popup forms, you have a problem: where will they appear?  Sometimes you may have an additional problem: where the devil did they go?  If you last had a popup form open…
In Microsoft Access, learn how to “cascade” or have the displayed data of one combo control depend upon what’s entered in another. Base the dependent combo on a query for its row source: Add a reference to the first combo on the form as criteria i…
With Microsoft Access, learn how to specify relationships between tables and set various options on the relationship. Add the tables: Create the relationship: Decide if you’re going to set referential integrity: Decide if you want cascade upda…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question