Input on securing FE/BE access database
Posted on 2011-10-07
Hi Experts, I have a FE/BE Access db application that I want to tighten up. The BE is on a network share, and right now any user who has access to the share can open the BE and mess with it. Not good.
I am using Access 2007, and the BE is an .accdb.
Here is the simple version of what I am trying to do, and I would appreciate input from anyone who can see a gaping hole in this model:
1) "Encrypt with password" the BE
2) Make user-specific Front-end "template" files to be copied down to users local machine. These are password-encrypted.
3) Make a "management" db that has a table of users, the path to their Front-end template, and the password for the template. This is also password-encrypted.
4) Make a "trigger" db (containing code module only) which the user uses to launch the application. This would connect to the users table in the management db using ADO, and would be distributed as an .accde so it is not possible to find out the password to the management db.
5) When user opens the "trigger" db, it gets their network login name, connects to the managment db to determine the appropriate FE template and password, creates an .accde FE on the local machine, and opens it for the user.
I think I can basically achieve pass-through authentication this way... fingers crossed! If anyone tries to open either a FE or the BE without using the launcher, they will be presented with the "passord required" box.