What is the best way to Secure an Access DB with Delphi ?

Just wondering, what is the BEST and easiest way to lock down or secure an MS Access Database, while using Delphi as a Front End.

I basically want to prevent Users from opening an MS Access database via the backend, and let ALL access to be done done via a Delphi front end.

There will also be other security measures via Delphi restricting users from Editing, Viewing certain data.

Environment - Currently Using Windows XP desktops, with Windows 2003 servers and Users are registered / restricted using Active Directory and User Groups.

Also using Delphi 2006 and MS Access 2003
pjeliasAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon BallChief information OfficerCommented:
set database password.

I have no idea how you would use Delphi to make a front end for access, i always use access....but my back end is usually ODBC to an sql server.

There are workgroups options and set db password options, but i do not know how those will affect your delphi connection to the back end access db...
0
Emmanuel PASQUIERFreelance Project ManagerCommented:
Here is Delphi code to login to an access DB with/without password, and set/reset the password .
// declare _Password in your Form, add an ADO Connection
TMainForm=class(TForm)
 ADOConnection1:TADOConnection;
//...
 private
  _Password:String;
//...  
 end;

function TMainForm.ConnectString(Password:String=''):String;
begin
 if Password<>'' 
  Then Result:=Format('Provider=Microsoft.Jet.OLEDB.4.0:Database Password=%s;Data Source="%s";Persist Security Info=False;', [Password,DBPath+'\'+DBName]))
  Else Result:=Format('Provider=Microsoft.Jet.OLEDB.4.0;Data Source="%s";Persist Security Info=False;', [DBPath+'\'+DBName]));
end;

function TMainForm.SetPassword(aPassword: String):Boolean;
Var
 OldPass,NewPass:String;
begin
 if _Password<>'' Then OldPass:='`'+_Password+'`' Else OldPass:='NULL';
 if aPassword<>'' Then NewPass:='`'+aPassword+'`' Else NewPass:='NULL';
 With ADOConnection1 do 
  try
   if Connected Then Close;
   ConnectionString:=ConnectString(_Password);
   Mode:=cmShareExclusive;
   Open;
   Execute('ALTER DATABASE PASSWORD '+NewPass+' '+OldPass);
   Result:=True;
  except
   Result:=False;
  end;
 if Result Then _Password:=aPassword;
 Login(_Password); // reconnect
end;

function TMainForm.Login(Password: string): boolean;
begin
 With ADOConnection1 do 
  try
   if Connected Then Close;
   ConnectionString:=ConnectString(Password);
   Mode:=cmReadWrite;
   Open;  
   Result := ADOConnection1.Connected;
   if Result Then _Password:=Password;
  except
   Result := False;
  end;
end;

Open in new window

0
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
Just be aware that the Database Password in Access 2003 or lower can easily be hacked, if that's important to you. The only other option is securing with User Level Security, which is much more difficult (and can still be hacked, although at least the hacker would have to pay a little money for the privilege).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Mahdi78Commented:
Set password and encrypt data
0
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
But please note that using standard Access encryption means that once you open the database with that password, all the data is freely available and unencrypted.
0
Mahdi78Commented:
So with second encryption, data will be more secure
Remember: encryption slowing database
0
zoom2000Commented:
Use the Access Security and Create your MDW through  Security Menu in Access
put your .mdw file beside your database in the same folder
Pass this information when you open the database through Delphi
This is the Best and Most Secured Way
Database password is very weak and many applications on the download u can download it for free ! , will open your database very easily.

0
pjeliasAuthor Commented:
How do you pass information to Delphi using mdw File ?

Is this done via the ADOConnection ?

Can you give an example ?
0
pjeliasAuthor Commented:
Does the MDW method slow the data access down ?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Editors IDEs

From novice to tech pro — start learning today.