valerieschupbach
asked on
Password security for linked tables in Access
My Microsoft Access 2007 application is split into a front-end program and back-end database. The front-end has access to the backend through linked tables.
Whenever I password protect the back-end database the tables can be linked if the proper password is supplied. However, the password is apparently stored for subsequent access as the linked table can be opened without any further password prompt, even after exit & restart.
I could delete all links during program exit and recreate them during startup; however I am wondering if there is a conceptually better solution where the password is not stored in the linked table definition; in particular you could imagine a crash or dead battery through which the program exits prematurely and leaves all data exposed through the front-end linked tables.
Thanks for any suggestions or eventual misunderstandings on my side on how this actually works.
Valérie
Whenever I password protect the back-end database the tables can be linked if the proper password is supplied. However, the password is apparently stored for subsequent access as the linked table can be opened without any further password prompt, even after exit & restart.
I could delete all links during program exit and recreate them during startup; however I am wondering if there is a conceptually better solution where the password is not stored in the linked table definition; in particular you could imagine a crash or dead battery through which the program exits prematurely and leaves all data exposed through the front-end linked tables.
Thanks for any suggestions or eventual misunderstandings on my side on how this actually works.
Valérie
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Scott McDaniel (EE MVE )
One alternative would be be to move your data to SQL Server, which has a much more robust security mechanism than does Access. Access provides an upsizing wizard for this, or there are other free tools out there which will move your data over to SQL Server Express (which is free).
...and to extend the recommendation of LSMConsulting: You can use Windows Integrated Security in SQL Server so you can create logins only for users who should work with the database (it doesn't make a difference if SQL Server Express is locally installed or on a network). In this case you can link the tables with a connection string which allows only Windows Integrated Security and you don't need to save any password anywhere because if a user logs into Windows he automatically has entered the needed password. If another user on the same machine logs in he cannot open the database no matter if SQL Server is locally installed or on the net. And he cannot hack any password because it is saved nowhere. SQL Server Express can handle databases up to 4 GB so it should be no problem to convert any Access database (with a maximum of 2 GB) to SQL Server express.