 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
MS Access Forum / New Users / April 2008Implementing User-Level Security
I recently implemented user-level security for a group of twenty people for my database. On my PC, a prompt will ask for a User Name and Password. On someone else's PC, they can access the database as an Admin with the System1.mdw as the Workgroup File. They are not prompted for anything! A fix I read was to Import the database with the security to a new database. I did that and still no prompt! How can I make sure that everyone on our network will not have access to the database and just the people I choose? > I recently implemented user-level security for a group > of twenty people for my database. On my PC, a prompt > will ask for a User Name and Password. > On someone else's PC, they can access the database > as an Admin with the System1.mdw as the Workgroup > File. They are not prompted for anything! A fix I read > was to Import the database with the security to a new > database. I did that and still no prompt! Then clearly, you did not "recently implement user-level security"; instead, you _attempted_ to implement it. The authoritative source on Access User/Group Level Security is the Security FAQ, for which see http://support.microsoft.com/kb/207793/en-us. It is 39 pages of dense content, none of which is "padding", so you need to read, re-read, study, re-study and then experiment with copies or test databases. Rarely does anyone find it so trivial that they cover all the bases and get it right the very first time. If you omit a step in the process, you can make it so trivial to get in that anyone can (as you've discovered) or, alternatively, so secure that even you cannot get in. > How can I make sure that everyone on our network > will not have access to the database and just the > people I choose? See above. I must caution you that Access user and group level security (also called Workgroup Security) has flaws and will not keep a determined cracker out. It works very nicely to keep honest folk from stumbling over their own fingertips and accidentally ending up somewhere they should not be in your application. User and group level security is no longer supported by Access 2007 for the new ACCDB databases; it is still available if you choose to use the tried, trusted, and true .MDB file format. Larry Linson Microsoft Office Access MVP Well, you've got me there. I did try but failed. Thanks for the link. I will give it a try and hopefully pull something out of it. > > I recently implemented user-level security for a group > > of twenty people for my database. On my PC, a prompt [quoted text clipped - 34 lines] > Larry Linson > Microsoft Office Access MVP > Well, you've got me there. I did try but failed. Don't feel lonesome. [Many | most | all] of us have failed, more than once, in early attempts to secure a database using Workgroup Security. Roger Jennings, in his book "Access 2.0 Developer Guide" described Access security as "labrynthine" and it didn't get any simpler over time. In fact, most of my clients opted not to use Workgroup Security, but relied on using a server back-end and using the server's security to protect their data. Once I did work through it, I've secured a few clients' databases... and warned all of them that it was far from foolproof. Larry Linson Microsoft Office Access MVP |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.