New to security have questions before plunging

F

Fysh

Thanks, for the response. However, where I work and the places that this
project is being sent to really have no idea what they want. They say they
do, but they constantly keep changing the requirements. This makes it
difficult when trying to design and program.
 
T

TC

Joan said:
I'm not sure where they are stored, but definitely in the mdb file (which is
why you can use more than one mdw with a single mdb file).

They're stored in the MSysACEs table in the mdb file.


But your method requires many people to know the same (generic user)
password(s). So your security is compromised right from the get-go!

Cheers,
TC
 
J

Joan Wild

TC said:
But your method requires many people to know the same (generic user)
password(s). So your security is compromised right from the get-go!

Yeah, I'd suggest Keith that you secure it so that they can use their
standard system.mdw, with no login.
 
K

Keith

Joan Wild said:
Yeah, I'd suggest Keith that you secure it so that they can use their
standard system.mdw, with no login.

I take your point but it is always stressed to the users that it's in their
own interests to keep their passwords on a need-to-know basis. Never had
any problems so far but I wouldn't use this approach in a smaller
organisation.
 
I

Immanuel Sibero

TC,
Yea yea, we've heard it all before..
Stop fskin' around Google and get back to work, TC. :)



Kidding aside, hope you're doing fine, TC.

Immanuel Sibero
 
T

TC

Immanuel said:
TC,
Yea yea, we've heard it all before..
Stop fskin' around Google and get back to work, TC. :)

Kidding aside, hope you're doing fine, TC.


Hi Immanuel

Luckily I work for myself, so I can fskc-around with whatever I want!
:)

Cheers,
TC
 
L

Lee Stafford via AccessMonster.com

Thanks Fysh, you asked all the questions that I have. It sounds like we
have very similar situations.

I know this area is something that I do not understand and I am afraid to
get into it.

Is there anywhere that I can go for very plain english type of instructions
that any idiot can follow?

I have the very same situation that Fysh has described so far. I have read
your replies and I am sure they will help once I get to a point that I
understand them....haha.

TIA,

Lee
 
T

TC

Lee, the trick to getting Access user-level security right, is to
follow an explicit list of written instructions - adding and omitting
nothing. The slightest deviation from the instructions, can cause your
database to be insecure. A typical list of instructions is, the Access
Secuerity FAQ - often referenced in this newgroup. No-one has any hope
of getting it right just by running the wizard, or "fooling around"
(not that I'm accusing the OP of that).

HTH,
TC
 
K

Keith

Lee Stafford via AccessMonster.com said:
Is there anywhere that I can go for very plain english type of
instructions
that any idiot can follow?
There's a step-by-step example on my web site that might help but it's no
substitute for the FAQ (there's also a link to them on my web site).

Regards,
Keith.
www.keithwilby.com
 
L

Lee Stafford via AccessMonster.com

Thanks, I think that will help. I do have another question, though. I am
creating this DB in 2000, but have edited it in 2003 a few times, and I
know that some users will have 97. If I secure it in 2000, will this cause
a problem with any other version?

TIA again,

Lee
 
F

Fysh

As everyone has said this is no joke. I played with this for about a week
now. I beleieve I finally got it down and got my shortcut to work. I do
have a couple questions though. I only have 2 users besides the usual in my
db. One is for all the users the other is for the administrator so they can
get back in. A login box appears and depending on the name and password what
permissions they will have. I manually split my db to FE and BE. I gave the
FE user modify permission on the tables for linking etc.

Now my questions:
For some reason when I open another DB it still asks for a log-in, why? I
know someone here will say I missed something, but I can't figure out what.
Another question is I am going to implement the disable key and make it a
MDE. Is this all I am going to have to do to complete the security? Nobody
will be allowed to import my backend is this correct?

Thanks a bunch, this group constantly helps those in need
 
F

Fysh

Ok I figured out the first question. I didn't rejoin to the system.mdw. I
don't recall seeing that in the literature.
 
J

Joan Wild

Fysh said:
Now my questions:
For some reason when I open another DB it still asks for a log-in, why?

Because your secure mdw that you used is now the default one to use for all
Access sessions. Use the workgroup administrator to join the standard
system.mdw that ships with Access. Use your shortcut for your secure mdb.
All other sessions of Access will use the default system.mdw
Another question is I am going to implement the disable key and make it a
MDE. Is this all I am going to have to do to complete the security?
Nobody
will be allowed to import my backend is this correct?

You'll have to test this for yourself. If you've given them permission on
the backend tables, then they'll be able to import.
 
F

Fysh

Joan thanks for the reply, could you answer one more question. The shortcut
works fine and when I log in I can see the Users and groups. However, if I
open the db directly then no log in is required and I don't see the Users or
groups. What could be wrong?
 
J

Joan Wild

Fysh said:
Joan thanks for the reply, could you answer one more question. The
shortcut
works fine and when I log in I can see the Users and groups. However, if
I
open the db directly then no log in is required and I don't see the Users
or
groups. What could be wrong?

When you use the shortcut, it is using your secure mdw (and you see the
users and groups that are stored in that mdw).

If you open the db directly, then you are using your default system.mdw,
which doesn't have your users and groups in it.

Two things:
Users and Groups are stored in the mdw file.
If you can even open your mdb using the system.mdw file, then it isn't
secure; you missed a step.
 
T

TC

Fysh said:
Ok I figured out the first question. I didn't rejoin to the
system.mdw.

You seldom need to join *any* workgroup file other-than the standard
one. Securing a database involves creating a *new* workgroup file &
using that with the /wrkgrp switch on the startup shortcut.

I don't recall seeing that in the literature.

That's because the literature would not have told you to join the other
file, in the first place.

HTH,
TC
 
F

Fysh

Thanks everyone, it took some time but I got everything working. I even
incorporated a pop up form that tells them reconnection is in progress and
hourglass set to true during refreshing of links. I converted it to a MDE
along with MDW. Hopefully this will be enough to keep the snoops out.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top