It is true that using the Access/Jet Encoding does prevent an average user
opening your database in a word processor and identifying textual data.
However, the encryption is very easily breakable since the random 'Key' is
stored within the file header. Therefore the encoding is 100% reversable
(and a free tool exists to decode the databases on the net).
For your information, the encryption is RC4 and based on a 32 bit key. The
encryption is applied at Jet-page file level (each page in mdb files is 2k
(jet3) or 4k (jet4)) therefore the effect is global to the file rather than
to a 'connection or query' as you asked.
Some other things to consider are that the encryption does slow down
performance (MS say 15% reduction) and the chances of recovering data from a
corrupt encoded database are considerably lower than a non-encoded file.
Also, I would suggest that corruption is also more likely to occur in an
encoded/encrypted database.
Quite simply, do not rely on the Encode/Decode feature of Access in any way
to protect your data. IMO it is quite simply not worth using at all due to
the performance decrease, corruption issues and the fact it is completely
reversable.
Regards,
Wayne Phillips
http://www.everythingaccess.com
"AR" <ad*******@hotmail.com> wrote in message
news:11**********************@l41g2000cwc.googlegr oups.com...
I would like to know more about the Encode/Decode feature available
within MS Access.
This is what I have read from Microsoft Office OnLine:
"The simplest method of protection is to encode the database. Encoding
a database compacts the database file and helps protect it from being
read by a word processor."
Is this recommended as a best practice? What is the impact on
performance? How secure is this? What does it use to encode and
decode the database? And when does the encoding and decoding occur?
Every connection? Every query?
Any help is greatly appreciated. Thanks.