Customized login-password scheme
in [Help]
|
Prev: Scroll records with the mouse wheel in Access7
Next: Limited amount of characters displayed in report.
From: Douglas J. Steele on 24 Jun 2010 06:57 The AutoExec password can be bypassed if the user holds down the Shift key while opening the database. The way to prevent this is to create a database propery named AllowBypassKey, and set its value to False. However, all members of the Admins group are able to reset this property, and since, by default, all users of an application that hasn't had Access User-Level Security applied to it are members of the Admins group, this means what you're trying to do is virtually an exercise in futility. -- Doug Steele, Microsoft Access MVP http://www.AccessMVP.com/DJSteele Co-author: Access 2010 Solutions, published by Wiley (no e-mails, please!) "LightLY" <lightaiyee(a)gmail.com> wrote in message news:27cbaadb-8041-4e4c-8f4b-754771461959(a)q12g2000yqj.googlegroups.com... On Jun 24, 6:26 pm, LightLY <lightai...(a)gmail.com> wrote: > On Jun 24, 6:16 pm, LightLY <lightai...(a)gmail.com> wrote: > > On Jun 23, 1:17 pm, Tony Toews <tto...(a)telusplanet.net> wrote: > > > On Tue, 22 Jun 2010 20:54:06 -0700 (PDT), LightLY > > > > <lightai...(a)gmail.com> wrote: > > > >I woulld like to customize a login password protection scheme for my > > > >database. Based on the login name, a password will be automatically > > > >generated based on certain security algorithm. May I know if this can > > > >be done for Access using macros? > > > > Using macros? No. > > > > Using VBA code? Sure, however I'd sure want to have someoe double > > > check the code to ensure it's been properly randomized so folks can't > > > guess at the passwords. > > > > Also note that folks, when given an assigned password, will always > > > write them down and hide them within a few feet of their keyboard. > > > Human nature. > > > > (Except for those of us who use programs such as KeePass to store > > > thier passwords in a secure, encrypted format.) > > > > Tony > > > Thank you for your help. I am going to start on this soon. > > Sorry, I think this may sound stupid. I just realized that I do not > know where to put the code such that this login-password code always > runs first before the database is opened. > > If someone could advise me, I shall be most grateful. Thank you. I am pleased to find the answer to my question. It is the Autoexec macro:) However, I have a concern about the Autoexec macro. Is there some way that it can be bypassed? Can the experts here advise? Thank you very much.
From: LightLY on 24 Jun 2010 22:54 On Jun 24, 6:57 pm, "Douglas J. Steele" <NOSPAM_djsteele(a)NOSPAM_gmail.com> wrote: > The AutoExec password can be bypassed if the user holds down the Shift key > while opening the database. > > The way to prevent this is to create a database propery named > AllowBypassKey, and set its value to False. However, all members of the > Admins group are able to reset this property, and since, by default, all > users of an application that hasn't had Access User-Level Security applied > to it are members of the Admins group, this means what you're trying to do > is virtually an exercise in futility. > > -- > Doug Steele, Microsoft Access MVPhttp://www.AccessMVP.com/DJSteele > Co-author: Access 2010 Solutions, published by Wiley > (no e-mails, please!) > > "LightLY" <lightai...(a)gmail.com> wrote in message > > news:27cbaadb-8041-4e4c-8f4b-754771461959(a)q12g2000yqj.googlegroups.com... > On Jun 24, 6:26 pm, LightLY <lightai...(a)gmail.com> wrote: > > > > > On Jun 24, 6:16 pm, LightLY <lightai...(a)gmail.com> wrote: > > > On Jun 23, 1:17 pm, Tony Toews <tto...(a)telusplanet.net> wrote: > > > > On Tue, 22 Jun 2010 20:54:06 -0700 (PDT), LightLY > > > > > <lightai...(a)gmail.com> wrote: > > > > >I woulld like to customize a login password protection scheme for my > > > > >database. Based on the login name, a password will be automatically > > > > >generated based on certain security algorithm. May I know if this can > > > > >be done for Access using macros? > > > > > Using macros? No. > > > > > Using VBA code? Sure, however I'd sure want to have someoe double > > > > check the code to ensure it's been properly randomized so folks can't > > > > guess at the passwords. > > > > > Also note that folks, when given an assigned password, will always > > > > write them down and hide them within a few feet of their keyboard. > > > > Human nature. > > > > > (Except for those of us who use programs such as KeePass to store > > > > thier passwords in a secure, encrypted format.) > > > > > Tony > > > > Thank you for your help. I am going to start on this soon. > > > Sorry, I think this may sound stupid. I just realized that I do not > > know where to put the code such that this login-password code always > > runs first before the database is opened. > > > If someone could advise me, I shall be most grateful. Thank you. > > I am pleased to find the answer to my question. It is the Autoexec > macro:) > However, I have a concern about the Autoexec macro. Is there some way > that it can be bypassed? Can the experts here advise? Thank you very > much. Oh dear. This is bad news, especially coming from an expert author of an Access book. I guess the least I can do is to create inconvenience to people who do not respect intellectual property rights. Thank you for your reply.
From: Access Developer on 24 Jun 2010 23:23 Access' own security is breakable, for free, but it is far and away more secure than just about any homegrown security approach. Using a server database and taking advantage of the server DB's security is the "best" (that is, most secure) approach. Next best, is create MDB/MDE and use Access' own security. Least effective is a Do-It-Yourself approach. But, if making the database cracker "work for it is" your goal, you can use a combination of all three; but, be aware you may spend more time and effort trying to make the cracker "work for it" than the cracker will, in the end, have to use to get into your database. -- Larry Linson, Microsoft Office Access MVP Co-author: "Microsoft Access Small Business Solutions", published by Wiley Access newsgroup support is alive and well in USENET comp.databases.ms-access "LightLY" <lightaiyee(a)gmail.com> wrote in message news:adfeb9d5-d89d-4b0f-905f-24da7125275a(a)s9g2000yqd.googlegroups.com... On Jun 24, 6:57 pm, "Douglas J. Steele" <NOSPAM_djsteele(a)NOSPAM_gmail.com> wrote: > The AutoExec password can be bypassed if the user holds down the Shift key > while opening the database. > > The way to prevent this is to create a database propery named > AllowBypassKey, and set its value to False. However, all members of the > Admins group are able to reset this property, and since, by default, all > users of an application that hasn't had Access User-Level Security applied > to it are members of the Admins group, this means what you're trying to do > is virtually an exercise in futility. > > -- > Doug Steele, Microsoft Access MVPhttp://www.AccessMVP.com/DJSteele > Co-author: Access 2010 Solutions, published by Wiley > (no e-mails, please!) > > "LightLY" <lightai...(a)gmail.com> wrote in message > > news:27cbaadb-8041-4e4c-8f4b-754771461959(a)q12g2000yqj.googlegroups.com... > On Jun 24, 6:26 pm, LightLY <lightai...(a)gmail.com> wrote: > > > > > On Jun 24, 6:16 pm, LightLY <lightai...(a)gmail.com> wrote: > > > On Jun 23, 1:17 pm, Tony Toews <tto...(a)telusplanet.net> wrote: > > > > On Tue, 22 Jun 2010 20:54:06 -0700 (PDT), LightLY > > > > > <lightai...(a)gmail.com> wrote: > > > > >I woulld like to customize a login password protection scheme for > > > > >my > > > > >database. Based on the login name, a password will be automatically > > > > >generated based on certain security algorithm. May I know if this > > > > >can > > > > >be done for Access using macros? > > > > > Using macros? No. > > > > > Using VBA code? Sure, however I'd sure want to have someoe double > > > > check the code to ensure it's been properly randomized so folks > > > > can't > > > > guess at the passwords. > > > > > Also note that folks, when given an assigned password, will always > > > > write them down and hide them within a few feet of their keyboard. > > > > Human nature. > > > > > (Except for those of us who use programs such as KeePass to store > > > > thier passwords in a secure, encrypted format.) > > > > > Tony > > > > Thank you for your help. I am going to start on this soon. > > > Sorry, I think this may sound stupid. I just realized that I do not > > know where to put the code such that this login-password code always > > runs first before the database is opened. > > > If someone could advise me, I shall be most grateful. Thank you. > > I am pleased to find the answer to my question. It is the Autoexec > macro:) > However, I have a concern about the Autoexec macro. Is there some way > that it can be bypassed? Can the experts here advise? Thank you very > much. Oh dear. This is bad news, especially coming from an expert author of an Access book. I guess the least I can do is to create inconvenience to people who do not respect intellectual property rights. Thank you for your reply.
First
|
Prev
|
Pages: 1 2 Prev: Scroll records with the mouse wheel in Access7 Next: Limited amount of characters displayed in report. |