By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,466 Members | 2,140 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,466 IT Pros & Developers. It's quick & easy.

Security -- Protecting records within a table

P: n/a
Hello!

I have an HR database where we fill out performance reviews. That info
is confidential, but I need a director to be able to see that
information for his/her team members while hiding everyone else's
info.

I can do this through a parameter query that will prompt for a
password and then pull up only the appropriate employees.

My problem is that to do this, I have to put the password in each
record next to the employee's name. What I'd rather do is assign a
password to a director and associate that director with his/her team
members. I'm a little stuck on how to do this, since every director is
also an employee who is subject to a review. Do I need a new table?
Any help is appreciated.

Thanks!

Bill
Nov 12 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
"Pathos Bill" <bu******@jesusanswers.com> wrote in message
news:fd**************************@posting.google.c om...
Hello!

I have an HR database where we fill out performance reviews. That info
is confidential, but I need a director to be able to see that
information for his/her team members while hiding everyone else's
info.

I can do this through a parameter query that will prompt for a
password and then pull up only the appropriate employees.

My problem is that to do this, I have to put the password in each
record next to the employee's name. What I'd rather do is assign a
password to a director and associate that director with his/her team
members. I'm a little stuck on how to do this, since every director is
also an employee who is subject to a review. Do I need a new table?
Any help is appreciated.


You actually need a different database engine. Sensitive data doesn't belong in
an Access/Jet file unless everyone who uses that file is authorized to see
*all* of the data within it. A password system like you're describing would be
trivial to bypass for anyone with even a smattering of experience with Access.
For instance, what would keep a person from just linking to your tables from
another file and viewing everything in them, including passwords? (nothing).

Implementing Access user-level security would be an order of magnitude better
than anything home-cooked that you might attempt, but even that is easily
cracked by anyone willing to acquire the knowledge or tools to do so.
--
I don't check the Email account attached
to this message. Send instead to...
RBrandt at Hunter dot com
Nov 12 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.