Is my access 2003 secured application really secure

[Joe Archer Sr]

My Problem: Is my access 2003 secured application really secure if the
shortcut icon properties have the username and the password included in it
ie user "bill" /pwd "jack"

"C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE" "C:\Program
Files\ARCHER-2008\ARCHER-2008.mde" /excl /user "bill" /pwd "jack" /wrkgrp
"C:\Program Files\ARCHER-2008\ARCHER.MDW" /runtime
I am using Access 2003 run time , secure enabled program created with the
The Microsoft Office Access 2003 Developer Extensions , Package wizard..
As you know, the archer.mdw is in the destination directory with the front
end mde and the back end mdb
Please tell me why the application is “secure†if all of the needed info is
included in the shortcut created by the package wizard..

 

[Chris O'C via AccessMonster.com]

I'll confirm your suspicion. It's not secure.

That said, why would the developer supply a user name and password to the
packaging wizard in the first place? I wouldn't do that.

Remove the /user "bill" /pwd "jack" parts from the shortcut and the user will
be prompted for a user name and password when opening the db with this
shortcut.

Chris
Microsoft MVP

 

[Joe Archer Sr]

chris>> I did not ask the question correctly.. I have no problem with the
users using my runtime program. what i am concerned about is for someone else
with the real access 2003 being able to get into my frontend mde and my
backend .mdb and see my data.. the calculations for results are in the front
end which should be protedted via the fact it's an mde. the backend has data
in it from the user and other items used by the program... i just want to be
convinced that no one can get into the front or back with the regular access
2003 and get my stuff..
question: can anyone with the real access 2003 use the .mdw,mdb, mde, name,
password in the "shortcut" open my front end and or backend on the user's
computer ??
thanks-- if they can, what can i do to really secure the front and back end ??
Joe Sr

 

[Chris O'C via AccessMonster.com]

Anyone can get into the front or back end of your Access mdb and mde files.
They can download free or cheap tools from the internet to get at the data.

If you need security, put your data in a secure SQL Server db connected to a
web server where your customers can connect from their own Access front ends.
Their front ends should only execute stored procedures to retrieve data from
SQL Server. Don't put any sensitive data in the Access front end.

Chris
Microsoft MVP

 

[Joan Wild]

question: can anyone with the real access 2003 use the .mdw,mdb, mde,
name,
password in the "shortcut" open my front end and or backend on the user's
computer ??

Yes. All the information is there for them to see. Even if you didn't
include the username/pwd, someone could do a search on the internet and find
security crackers for Access.

thanks-- if they can, what can i do to really secure the front and back
end ??

See Chris's answer.

 

[Joe Archer Sr]

thanks chris and joan
the info don't make me feel like the effort i have gone to with the security
has done much good.
looks like they can get into my backend .mdb and the frontend mde to look at
the data in the tables
but can they get into the code behind the forms and the modules of the front
end ??
as you know, without the code in the forms, the results can't be duplicated
in the final report..
hope they can't see the cbf
thanks again
joe

 

[Joan Wild]

With a diligent search, one can find something to revert the mde. However,
if you're up against such an individual, then they're determined, and it
seems to me that it doesn't matter what you build it in, they'll crack it.

 

[JOEARCHER_SR via AccessMonster.com]

thank you joan and chris
Looks like what i have done will secure it for 99% of people
but if they realllly want to get into it, they can
So my question has been answered
joe archer

With a diligent search, one can find something to revert the mde. However,
if you're up against such an individual, then they're determined, and it
seems to me that it doesn't matter what you build it in, they'll crack it.

thanks chris and joan
the info don't make me feel like the effort i have gone to with the

[quoted text clipped - 27 lines]

 

[Chris O'C via AccessMonster.com]

An expert Access developer can duplicate your app's functionality without
ever seeing your vba code. Fortunately there aren't nearly as many expert
Access developers as people who say they are.

Chris
Microsoft MVP