By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,516 Members | 1,183 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,516 IT Pros & Developers. It's quick & easy.

Is data secure within an MDB/MDE file?

P: n/a
Hi All,

I have an MDB file which I want to remain secure. It checks for certain
parameters upon startup, and will automatically exit if the program is
opened/executed by an unauthorized user.

My concern is that somebody could read the MDB file using a utility such as
MDB Tools (http://mdbtools.sourceforge.net/) and then export the data from
my file. I have not used this tool, so is that actually possible using
this or some other method?

Is an MDE file more secure from this standpoint? The bottom line is that I
want to prevent anyone from gaining access to my data by parsing the MDB or
MDE file.

Thanks,
Norm
Nov 13 '05 #1
Share this Question
Share on Google+
7 Replies


P: n/a
"Norm" <od*****@comcast.net> wrote in message
news:Xn******************************@216.196.97.1 36
Hi All,

I have an MDB file which I want to remain secure. It checks for
certain parameters upon startup, and will automatically exit if the
program is opened/executed by an unauthorized user.

My concern is that somebody could read the MDB file using a utility
such as MDB Tools (http://mdbtools.sourceforge.net/) and then export
the data from my file. I have not used this tool, so is that
actually possible using this or some other method?

Is an MDE file more secure from this standpoint? The bottom line is
that I want to prevent anyone from gaining access to my data by
parsing the MDB or MDE file.

Thanks,
Norm


An MDE is no more secure than an MDB for the data. An MDE only secures
your design by removing the design versions of your forms/reports/code
etc.

If you want to secure your data you will need to use a database password
to prevent entry or use Workgroup security.
--
regards,

Bradley
Nov 13 '05 #2

P: n/a
"Bradley..... .." <b.***********@c.o.m.c.e.n..c.o.m..a.u> wrote in
news:SN*******************@news-server.bigpond.net.au:
"Norm" <od*****@comcast.net> wrote in message
news:Xn******************************@216.196.97.1 36
Hi All,

I have an MDB file which I want to remain secure. It checks for
certain parameters upon startup, and will automatically exit if the
program is opened/executed by an unauthorized user.

My concern is that somebody could read the MDB file using a utility
such as MDB Tools (http://mdbtools.sourceforge.net/) and then export
the data from my file. I have not used this tool, so is that
actually possible using this or some other method?

Is an MDE file more secure from this standpoint? The bottom line is
that I want to prevent anyone from gaining access to my data by
parsing the MDB or MDE file.

Thanks,
Norm


An MDE is no more secure than an MDB for the data. An MDE only secures
your design by removing the design versions of your forms/reports/code
etc.

If you want to secure your data you will need to use a database
password to prevent entry or use Workgroup security.


Thanks for the reply.

The problem isn't preventing access to the database - I already have a
security check for that. I'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the file.
That would bypass the Access application, and whatever
password/workgroup security that might have been set.

Norm
Nov 13 '05 #3

P: n/a
On Mon, 05 Jul 2004 17:51:36 -0500, Norm <od*****@comcast.net> wrote:

Standard admonition: workgroup security is an advanced topic.
Download, study, and fully understand the Access Security FAQ from
microsoft.com before proceeding.

But then workgroup security can be broken by cheap password crackers
available on the internet.

If you are really concerned about data security, Access is not the
best storage space. Consider MSDE (ships with Access 2000 and above)
or its bigger cousin SQL Server Standard Edition.

-Tom.
"Bradley..... .." <b.***********@c.o.m.c.e.n..c.o.m..a.u> wrote in
news:SN*******************@news-server.bigpond.net.au:
"Norm" <od*****@comcast.net> wrote in message
news:Xn******************************@216.196.97.1 36
Hi All,

I have an MDB file which I want to remain secure. It checks for
certain parameters upon startup, and will automatically exit if the
program is opened/executed by an unauthorized user.

My concern is that somebody could read the MDB file using a utility
such as MDB Tools (http://mdbtools.sourceforge.net/) and then export
the data from my file. I have not used this tool, so is that
actually possible using this or some other method?

Is an MDE file more secure from this standpoint? The bottom line is
that I want to prevent anyone from gaining access to my data by
parsing the MDB or MDE file.

Thanks,
Norm


An MDE is no more secure than an MDB for the data. An MDE only secures
your design by removing the design versions of your forms/reports/code
etc.

If you want to secure your data you will need to use a database
password to prevent entry or use Workgroup security.


Thanks for the reply.

The problem isn't preventing access to the database - I already have a
security check for that. I'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the file.
That would bypass the Access application, and whatever
password/workgroup security that might have been set.

Norm


Nov 13 '05 #4

P: n/a
"Norm" <od*****@comcast.net> wrote in message
news:Xn*******************************@216.196.97. 136
"Bradley..... .." <b.***********@c.o.m.c.e.n..c.o.m..a.u> wrote in
news:SN*******************@news-server.bigpond.net.au:
"Norm" <od*****@comcast.net> wrote in message
news:Xn******************************@216.196.97.1 36
Hi All,

I have an MDB file which I want to remain secure. It checks for
certain parameters upon startup, and will automatically exit if the
program is opened/executed by an unauthorized user.

My concern is that somebody could read the MDB file using a utility
such as MDB Tools (http://mdbtools.sourceforge.net/) and then export
the data from my file. I have not used this tool, so is that
actually possible using this or some other method?

Is an MDE file more secure from this standpoint? The bottom line is
that I want to prevent anyone from gaining access to my data by
parsing the MDB or MDE file.

Thanks,
Norm


An MDE is no more secure than an MDB for the data. An MDE only
secures your design by removing the design versions of your
forms/reports/code etc.

If you want to secure your data you will need to use a database
password to prevent entry or use Workgroup security.


Thanks for the reply.

The problem isn't preventing access to the database - I already have a
security check for that. I'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the file.
That would bypass the Access application, and whatever
password/workgroup security that might have been set.

Norm


If you don't have "real" Access security then anyone can probably import
data from your database.

Unfortunately there are also plenty of nasty tools to make all of your
security moot anyway :)
--
regards,

Bradley
Nov 13 '05 #5

P: n/a
Norm <od*****@comcast.net> wrote:
The problem isn't preventing access to the database - I already have a
security check for that. I'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the file.
That would bypass the Access application, and whatever
password/workgroup security that might have been set.


Then you'd want to use the database password which encrypts the entire MDB. Which,
IIRC, has many utility programs out there which can decrypt the MDB.
http://www.lostpassword.com/access.htm. Or for A97/Jet 3.5 it's free.
http://www.trigeminal.com/lang/1033/codes.asp?ItemID=5

Tony

--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 13 '05 #6

P: n/a
Norm <od*****@comcast.net> wrote:
The problem isn't preventing access to the database - I already have a
security check for that. I'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the file.
That would bypass the Access application, and whatever
password/workgroup security that might have been set.


The real problem though is that there is no way to secure physical access to the data
MDB. Anyone can visit the file share and copy the file down to thier hard drive and
email it or otherwise take it offsite. Then they have as much time to decrypt it as
they want.

The only way to get around this is SQL Server or MSDE or similar database engine
where the data is located on a physically locked room. The interface to the data
then is via the database engine and not through a file share.

Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 13 '05 #7

P: n/a
Norm <od*****@comcast.net> wrote in
news:Xn*******************************@216.196.97. 136:
'm concerned with someone using a tool to
open up my MDB file and then export the data directly from the
file. That would bypass the Access application, and whatever
password/workgroup security that might have been set.


If you've set up your Access security properly, they can't bypass
your workgroup security unless they use one of the downloadable
cracks for Jet security. That is, the data in a properly secured Jet
database cannot be accessed by someone with only Access/Jet alone --
it requires a 3rd-party cracking program.

If someone *can* get into your data file without your custom
workgroup, then you've failed to properly set up your Access
security.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #8

This discussion thread is closed

Replies have been disabled for this discussion.