Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Access 2007

Posted on 2014-07-10
Medium Priority
Last Modified: 2014-07-16
My OS is win 7 Prof 64 bit and I use Access 2007.  I have a very small database that I created which I want to protect both at the file level as well as the data level.  i.e. if someone opens the file, it will ask for a password which should be very hard to find within the application.  And the other is if the thief does succeed, the data will be encrypted and it will be seen as garbage without entering another password.  How does one go about doing this, and hope the Gurus can please show me how.
Question by:jegajothy
LVL 25

Accepted Solution

chaau earned 2000 total points
ID: 40189632
MS Access has a built-in feature to encrypt the data with passwords. This Microsoft article explains the topic in full.

Additionally, you can protect the file using a password protected zip file. WinZip or other utilities have these functionality

Expert Comment

by:Jack Leach
ID: 40189777
While Access does has some basic capability for password protecting files, it's just that - basic.

Access has a deserved reputation of being insecure for means of protecting sensitive data.  This is typically the top reason that people would migrate to a SQL Server backend.

Consider that Access is:
- a file based BE, meaning anyone who can write data through the FE has permissions to copy the BE file
- weak in protection to the point that someone who knows their way around fairly well can typically break any imposed protection.

Give the fact that it's file based and you only need a knowledgeable person to get past the minimal security, it's quite easy for someone to grab a copy of the file, take it home and plug away at it.

All that said, it's enough for many cases, but if you're quite concerned over it, you may want to consider a different backend for your Access application.

LVL 43

Expert Comment

ID: 40190194
Every hacking attack is successful depending on hacker's knowledge. It does not matter if you are using Accesss or SQL Server.  OK, to copy SQL Server database is a bit more difficult but principles described by Jack are still valid...

You should decide what security level is necessary for your small app.

1) You may encrypt the whole harddrive (Windows 7 Ultimate allows it) so nobody low experienced can read the stolen HD. More info: http://en.wikipedia.org/wiki/BitLocker (But the thief can ask for the password as the first step...)
2) You may encrypt the database only. More info: http://windows.microsoft.com/en-us/windows/encrypt-decrypt-folder-file#1TC=windows-7 (you may also find open source file crypting software on the web)
3) You may store your data into a cloud or remote server (it is hard to steel such files for ordinary people but...)
4) You should not store passwords into the app but users should know them. The app should store and compare just the hash calculated from the password entered by users.

Remember the fact each encryption requires strict rules for periodic data archiving because the archive restore is the cheapest way how the get your corrupted or stolen data back. (Of course, the archive can also be stolen...)
LVL 85
ID: 40190202
Access 2007 made some big changes in the password protection for 2007, so I'd say that except for the most determined hacker a password-protected database would suffice for most needs

Password protection in 2007+ automatically encrypts the file, but not the data in the file (at least to my understanding), so if I know the password I would see all data in plain text. The only way to actually encrypt the data would be to create routines that handle data inserts/updates for you, and perform your encryption there. This would of course be a big performance hit, so if you go this route take that into consideration.

That said, I agree with Jack regarding the viability of Access as a "secure" database platform. If you're overly concerned with data security, then Access probably isn't the best choice. Microsoft SQL Server Express is free and has all the security features of it's big brother, and it integrates well with Access. You might consider moving to that platform.

Author Closing Comment

ID: 40200322
Thank u for the solution I needed. Gracias

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the ways to Unlock VBA Project Password Excel 2010 & 2013 documents. Go through the article and perform the steps carefully to remove VBA Excel .xls file.
Sometimes MS breaks things just for fun... In Access 2003, only the maximum allowable SQL string length could cause problems as you built a recordset. Now, when using string data in a WHERE clause, the 'identifier' maximum is 128 characters. So, …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question