Hi all, I apologize for the newbie question, but can't find the info I'm looking for anywhere. I'm building my first web application, and have an Access database I want to connect to. The database contains somes tables of information that I want to make sure stays secure (customer addresses, cc #'s, etc.); at the same time, I want to be able to plug some information in on web pages without requiring the user to login, etc. My question is, is there a way to make sure my database stays secure? ... and how do I go about doing that? Many thanks for any help and advice you can provide.
This conversation is currently closed to new comments.
Access has at least 3 security features to consider: 1. Database Password - simple password protection for opening the mdb file. 2. Workgroup Administrator - uses a workgroup file (system.mdw by default) to create users, put them in groups and give those groups limited rights. Password protect the Admin account, and logon from the web page using a limited account... 3. Encrypt - physically scramble the data as it written to disk, so low level utilities can't read data strings from the mdw.
I recommend doing 2 and 3. Even you Encrypt, I also recommend storing the data file in a folder/share that the web engine (ASP or whatever) can access, but that the end user cannot access via http, ftp or anything else. There are many utilities for recovering/hacking Access mdw files!
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Access database security...?