Access 2007

Posted on 2014-07-10
Last Modified: 2014-07-16
My OS is win 7 Prof 64 bit and I use Access 2007.  I have a very small database that I created which I want to protect both at the file level as well as the data level.  i.e. if someone opens the file, it will ask for a password which should be very hard to find within the application.  And the other is if the thief does succeed, the data will be encrypted and it will be seen as garbage without entering another password.  How does one go about doing this, and hope the Gurus can please show me how.
Question by:jegajothy
    LVL 24

    Accepted Solution

    MS Access has a built-in feature to encrypt the data with passwords. This Microsoft article explains the topic in full.

    Additionally, you can protect the file using a password protected zip file. WinZip or other utilities have these functionality
    LVL 4

    Expert Comment

    by:Jack Leach
    While Access does has some basic capability for password protecting files, it's just that - basic.

    Access has a deserved reputation of being insecure for means of protecting sensitive data.  This is typically the top reason that people would migrate to a SQL Server backend.

    Consider that Access is:
    - a file based BE, meaning anyone who can write data through the FE has permissions to copy the BE file
    - weak in protection to the point that someone who knows their way around fairly well can typically break any imposed protection.

    Give the fact that it's file based and you only need a knowledgeable person to get past the minimal security, it's quite easy for someone to grab a copy of the file, take it home and plug away at it.

    All that said, it's enough for many cases, but if you're quite concerned over it, you may want to consider a different backend for your Access application.

    LVL 41

    Expert Comment

    Every hacking attack is successful depending on hacker's knowledge. It does not matter if you are using Accesss or SQL Server.  OK, to copy SQL Server database is a bit more difficult but principles described by Jack are still valid...

    You should decide what security level is necessary for your small app.

    1) You may encrypt the whole harddrive (Windows 7 Ultimate allows it) so nobody low experienced can read the stolen HD. More info: (But the thief can ask for the password as the first step...)
    2) You may encrypt the database only. More info: (you may also find open source file crypting software on the web)
    3) You may store your data into a cloud or remote server (it is hard to steel such files for ordinary people but...)
    4) You should not store passwords into the app but users should know them. The app should store and compare just the hash calculated from the password entered by users.

    Remember the fact each encryption requires strict rules for periodic data archiving because the archive restore is the cheapest way how the get your corrupted or stolen data back. (Of course, the archive can also be stolen...)
    LVL 84
    Access 2007 made some big changes in the password protection for 2007, so I'd say that except for the most determined hacker a password-protected database would suffice for most needs

    Password protection in 2007+ automatically encrypts the file, but not the data in the file (at least to my understanding), so if I know the password I would see all data in plain text. The only way to actually encrypt the data would be to create routines that handle data inserts/updates for you, and perform your encryption there. This would of course be a big performance hit, so if you go this route take that into consideration.

    That said, I agree with Jack regarding the viability of Access as a "secure" database platform. If you're overly concerned with data security, then Access probably isn't the best choice. Microsoft SQL Server Express is free and has all the security features of it's big brother, and it integrates well with Access. You might consider moving to that platform.

    Author Closing Comment

    Thank u for the solution I needed. Gracias

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
    This article explains all about SQL Server Piecemeal Restore with examples in step by step manner.
    Basics of query design. Shows you how to construct a simple query by adding tables, perform joins, defining output columns, perform sorting, and apply criteria.
    With Microsoft Access, learn how to start a database in different ways and produce different start-up actions allowing you to use a single database to perform multiple tasks. Specify a start-up form through options: Specify an Autoexec macro: Us…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now