Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage
Access Database Encryption
Hi all
Does it really save any purpose to encrypt a database (BE)with a password when some people are saying there are some free software out there that can break the encryption easily , I know for the FE we seam to be fine as long as we only give clients Accde files.
For queries I'm still using a special code to hide special keys( This is also an extra cover to FE objects), unless someone knows my backdoor hot key it will not be possible to unhide the queries.
Though strictly speaking the software is anchored on queries , VBA code , macros and reports because even if one steal the tables with entity relation , how is it going to help without the treasured code???
Kindly educate me if I'm wrong!
Regards
Chris
Does it really save any purpose to encrypt a database (BE)with a password when some people are saying there are some free software out there that can break the encryption easily , I know for the FE we seam to be fine as long as we only give clients Accde files.
For queries I'm still using a special code to hide special keys( This is also an extra cover to FE objects), unless someone knows my backdoor hot key it will not be possible to unhide the queries.
Though strictly speaking the software is anchored on queries , VBA code , macros and reports because even if one steal the tables with entity relation , how is it going to help without the treasured code???
Kindly educate me if I'm wrong!
Regards
Chris
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
As gustav said, the new ACE format uses a better encryption (RC4 protection up-to 128-bit) and uses the Win crypto libs.
I'm not aware of anything out there that has cracked it.
Jim.
I'm not aware of anything out there that has cracked it.
Jim.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
You should tell what is your goal. To encrypt data or application code?
IMHO data are in higher interest of possible attackers because they contain the value. And if we are talking about MS Access where users do have the BE database available on some network share then you never can be 100% safe. (based on https://www.isunshare.com/access-password-recovery.html)
Even when you use MS Access FE and place the data on SQL Server then your more experienced users can obtain the connection string from the FE and access all data etc. etc.
The more secure solution seems to be web/intranet based application where both the database and application resides on the BE and users can access it via web browser. The app itself then handles access rights.
IMHO data are in higher interest of possible attackers because they contain the value. And if we are talking about MS Access where users do have the BE database available on some network share then you never can be 100% safe. (based on https://www.isunshare.com/access-password-recovery.html)
Even when you use MS Access FE and place the data on SQL Server then your more experienced users can obtain the connection string from the FE and access all data etc. etc.
The more secure solution seems to be web/intranet based application where both the database and application resides on the BE and users can access it via web browser. The app itself then handles access rights.
Protection within MS access serve only one purpose:
Keep "amateurs" from accessing your code, queries, table design and relationships.
Also, keep in mind that MS Access isn't designed for puplic deployment (in other words: designed for internal applications).
If you're looking for more robust security, MS Access isn't the tool for you. Look for compiled languages such as .Net, Java, C++ or C, and better database engines like MySQL, SQL Server, Oracle, postGreSQL ect ...
Keep "amateurs" from accessing your code, queries, table design and relationships.
Also, keep in mind that MS Access isn't designed for puplic deployment (in other words: designed for internal applications).
If you're looking for more robust security, MS Access isn't the tool for you. Look for compiled languages such as .Net, Java, C++ or C, and better database engines like MySQL, SQL Server, Oracle, postGreSQL ect ...
know for the FE we seam to be fine as long as we only give clients Accde files.Wrong. There are companies that will "decompile" the database to produce VBA code. Earlier attempts produced tokenized code which although it was valid VBA, was very difficult to read because all the variable names were cryptic. Newer tools produce very readable code with meaningful variable names.
<<There are companies that will "decompile">>
I'm only aware of one that can do that, and their pretty adamant about proof of ownership, so I would not consider this to be a problem as yet.
If your aware of more than one, then it would be an issue.
Jim.
I'm only aware of one that can do that, and their pretty adamant about proof of ownership, so I would not consider this to be a problem as yet.
If your aware of more than one, then it would be an issue.
Jim.
I haven't had the problem so I've never had to use the service so I don't know how many companies are out there. How does one prove they own the app?
<< How does one prove they own the app?>>
Copyright paperwork, their name is on the app, they can provide some of the source code, etc.
Jim.
Copyright paperwork, their name is on the app, they can provide some of the source code, etc.
Jim.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
/gustav