Hi, I have an Access 2003 DB that will be installed on XP home in a local club. Several members will be able to use this DB and I am concerned that someone might one day take a copy of the members data home with them on a pendrive.
I can't stop file copying at the OS level, so I am thinking of scattering a few VBA lines to read hidden files in the system area and generate errors when the DB is run on another machine. I know its a game of cat and mouse but I believe 99% of the members would give up on the copy after a few errors..
Has anyone done something similar or know of a better way?
8 1387 MMcCarthy 14,534
Recognized Expert Moderator MVP
I would suggest moving the data to a backend database and password protecting the folder the backend is in. You can also password protect the file itself.
Unfortunately, there is no backend- the database is installed on the club's only PC.
MMcCarthy 14,534
Recognized Expert Moderator MVP @garfieldsevilla
That doesn''t mean you can't split the backend out into another database.
Just create a new database file and import all the tables into it. Password protect the new database file. Then replace the tables in the old database with links to the tables in the new database. Now all the data is stored in the new database which is password protected and the database all the users access is only a frontend with no data.
ADezii 8,834
Recognized Expert Expert @garfieldsevilla
You could have the Database on the Club PC read a specific String from the System Registry on that PC prior to opening. This String will only exist on the Club PC and no other, if it cannot read the Registry Value, do not allow the DB to Open as would be the case on any other PC. A savvy User, of course, could always Import or Link to the copied DB Objects.
ADezii, have you done something like this? Can you share any VBA code?
The db is password protected but the problem is that there is at least one easy to use programme that can unlock an access DB. I like the idea of some VBA code to stop the DB from opening on another machine.
ADezii 8,834
Recognized Expert Expert @garfieldsevilla - Declare the following Public Constant in a Standard Code Module. This CONSTANT represents the Unique String that must exist in the Registry of a PC before the Database will Open. You can, and probably should, change it to something more appropriate.
- '******************************************************
-
'Define your Unique String to Open the DB
-
Public Const conOPEN_ID As String = "2356GGF66KKL"
-
'******************************************************
-
- Execute the following code only ONCE. The exception to this Rule would be if and when you wanted to change the Password. This code actually writes the super-duper, top-secret, String to the System Registry at a specific location. Do not proceed if you do not see the Confirmation Dialog!
- 'Write this String to the Registry of the Club PC, ONLY ONCE, unless
-
'you wish to change the Password in the future
-
SaveSetting appname:="MyApp", Section:="OpenSesame", _
-
Key:="Password", setting:=conOPEN_ID
-
MsgBox "Registry has been modified!", vbInformation, "Registry Change"
- Place the following code in the Open() Event of your Start Up Form.
- Private Sub Form_Open(Cancel As Integer)
-
Dim strRetVal As String
-
'appname, Section, and Key must match 'EXACTLY'
-
strRetVal = GetSetting(appname:="MyApp", Section:="OpenSesame", _
-
Key:="Password", Default:="YaDa")
-
-
If strRetVal <> conOPEN_ID Then
-
MsgBox "You are not authorized to Open this Database on this PC!", _
-
vbCritical, "Illegal Access"
-
DoCmd.Quit acQuitSaveNone
-
End If
-
-
'If you get here, Password Identified, you are good to go!
-
End Sub
- Simply stated, if the PC on which the Database resides contains the Unique String in the System Registry, it will Open, if not the User will be warned that he/she are not authorized to use the Database on their PC, and the Database abruptly Terminates.
P.S. - There are work-around the above mechanism, but for obvious reasons, I'll not list them here. There are also other Methods to avoid intrusion upon the Data in the Database from other PCs which I also will not discuss. If you have any further interest, or questions, let me know and I'll address them in a Private Message to you, if warranted.
thank you, this is very complete.
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: robert |
last post by:
well, talk about timely. i'm tasked to implement a security feature,
and would rather do so in the database than the application code. the
application is generally Oracle, but sometimes DB2. Oracle has what
it calls package DBMS_RLS, which implements application ignorant
row level security.
scanning this group yielded "you can't do that; use views". then i
dug out DB2Mag qtr 1 2004, and there is MLS for v8/390. from this
article,...
|
by: Mike MacSween |
last post by:
S**t for brains strikes again!
Why did I do that? When I met the clients and at some point they vaguely
asked whether eventually would it be possible to have some people who could
read the data and some who couldn't but that it wasn't important right now.
And I said, 'sure, we can do that later'.
So now I've developed an app without any thought to security and am trying
to apply it afterwards. Doh!, doh! and triple doh!
|
by: Ashish |
last post by:
Hi Guys
I am getting the following error while implementing authentication using
WS-security.
"Microsoft.Web.Services2.Security.SecurityFault: The security token could
not be authenticated or authorized ---> System.Exception: WSE565: The
password provided the SecurityTokenManager does not match the one on the
incoming token. at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyPlainText
|
by: prithvi g via .NET 247 |
last post by:
Hi
I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll andMicrosoft.Samples.Runtime.Remoting. Security in both my clientand server. I have have defined my config files as follows
for client
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.runtime.remoting>
<application>
<channels>...
|
by: Earl Teigrob |
last post by:
Background:
When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is comprised of a DataGrid may have separate permissions for adding, deleting and updating a news item.
Problem
Up until now, I have been implementing security directly inside the control. I will test directly against the security model to see if...
| |
by: Magdelin |
last post by:
Hi,
My security team thinks allowing communication between the two IIS instances
leads to severe security risks. Basically, we want to put our presentation
tier on the perimeter network and the business tier inside the fire wall or
internal network. The biz tier will be developed and deployed as web services
on IIS.
I know microsoft recommends this architecture but I am not able to convince
my security team. They say IIS is vulnerable...
|
by: Jay C. |
last post by:
Jay
3 Jan. 11:38 Optionen anzeigen
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan 2006 02:38:30 -0800
Lokal: Di 3 Jan. 2006 11:38
Betreff: Referenced security token could not be retrieved
Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht |
Original anzeigen | Entfernen | Missbrauch melden
|
by: Velvet |
last post by:
I ran FxCop on one of the components for my web site and the security rules
what me to add " tags like the ones listed
below:
This breaks my ASP.NET application. So my question is, what should these
|
by: Jeremy S. |
last post by:
..NET's code Access Security enables administrators to restrict the types of
things that a .NET application can do on a local computer. For example, a
..NET Windows Forms application can be prevented from writing to the Registry
or writing a file to the local disk.
My question: Is this feature unique to .NET? Or is it just as easy for
enterprise network administrators to prevent COM applications from writing
to the Registry and doing...
|
by: Budhi Saputra Prasetya |
last post by:
Hi,
I managed to create a Windows Form Control and put it on my ASP .NET page. I
have done the suggestion that is provided by modifying the security settings.
From the stack trace, I would assume that the code throws exception when it
is trying to retrieve the processes list that has certain name. Below is the
code that I use to retrieve the processes.
Process processes = Process.GetProcessesByName("xxxx");
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |