VB with Access 2000 Security
I'm developing an application using VB6 and Microsoft Access 2000. To
protect the information, I can programatically set a user and password,
and/or encrypt the Access database. Still, does anyone have any idea just
how safe the Access database is from someone deliberately opening the
database through a means other than that for which I've designed it?
Any idea on the security is a help.
Re: VB with Access 2000 Security
"Thomas G. Seroogy" <firstname.lastname@example.org> wrote:
>I'm developing an application using VB6 and Microsoft Access 2000. To
>protect the information, I can programatically set a user and password,
>and/or encrypt the Access database. Still, does anyone have any idea just
>how safe the Access database is from someone deliberately opening the
>database through a means other than that for which I've designed it?
>Any idea on the security is a help.
I use Access for a lot of things but I don't consider it particularly secure.
I haven't done much on this myself but a few friends work in IT Security.
The general consensus, that I have taken away from my conversations with
them, is that Access is not very secure. Real security comes at an operating
You can encrypt the DB and then hide it using attributes through DOS. Unfortunately
there are plenty of tools which show you hidden files. The best thing I
could suggest would be to encrypt the Access file and bury it using multiple
hidden directories and then hiding it and a dozen dummy files in various
directories. Name your hidden directories randomly (nothing that makes much
sense I would think) and hope. Hope you can make it a big enough pain that
no one will want to find it that bad.
Another thought would be to keep that DB on a server that has good security.
Obviously that may not be an option for some applications. My direct knowledge
of security largely amounts to looking at hacker websites and such. It does
seem like there are a lot of people out there working exclusively on breaking
MS security. So if Access can be broken into (and I'm assuming it can be)
then the method is probably out there on a thousand websites along with the
no frills version of the software (scripts and other things) to do it.
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL