Re: Implementing User-Level Security

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Well, you've got me there. I did try but failed.

Thanks for the link. I will give it a try and hopefully pull something out
of it.

"Larry Linson" wrote:

"Tim" <Tim@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote


> I recently implemented user-level security for a group
> of twenty people for my database. On my PC, a prompt
> will ask for a User Name and Password.

> On someone else's PC, they can access the database
> as an Admin with the System1.mdw as the Workgroup
> File. They are not prompted for anything! A fix I read
> was to Import the database with the security to a new
> database. I did that and still no prompt!

Then clearly, you did not "recently implement user-level security"; instead,
you _attempted_ to implement it.

The authoritative source on Access User/Group Level Security is the Security
FAQ, for which see http://support.microsoft.com/kb/207793/en-us. It is 39
pages of dense content, none of which is "padding", so you need to read,
re-read, study, re-study and then experiment with copies or test databases.
Rarely does anyone find it so trivial that they cover all the bases and get
it right the very first time. If you omit a step in the process, you can
make it so trivial to get in that anyone can (as you've discovered) or,
alternatively, so secure that even you cannot get in.

> How can I make sure that everyone on our network
> will not have access to the database and just the
> people I choose?

See above.

I must caution you that Access user and group level security (also called
Workgroup Security) has flaws and will not keep a determined cracker out. It
works very nicely to keep honest folk from stumbling over their own
fingertips and accidentally ending up somewhere they should not be in your
application. User and group level security is no longer supported by Access
2007 for the new ACCDB databases; it is still available if you choose to use
the tried, trusted, and true .MDB file format.

Larry Linson
Microsoft Office Access MVP



.

Relevant Pages

  • Re: setting a password on a button on the switchboard
    ... there is a lot to know about security whether it's something you make or it is Access User ... Read the Read Me form in the database for more info. ... >> User Level Security. ... >> What type of data are you trying to protect? ...
    (microsoft.public.access.forms)
  • Re: setting a password on a button on the switchboard
    ... Could you send me the sample database for the fourth option (4. ... > Security in an Access database can probably be broken down into two big ... > points about being easier than User Level Security, ... > What type of data are you trying to protect? ...
    (microsoft.public.access.forms)
  • Re: access 2003
    ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
    (microsoft.public.access.conversion)
  • Re: access 2003
    ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
    (microsoft.public.access.conversion)
  • Re: Database Security
    ... Check that date when the user logs on and prompt them to change ... Access Security: www.ltcomputerdesigns.com/Security.htm ... >I have this database where I have some minor security, ... > after x amount of days, it will prompt user to change password. ...
    (microsoft.public.access.security)