By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,337 Members | 2,084 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,337 IT Pros & Developers. It's quick & easy.

Checking for passwords

P: n/a
If someone has created a database for me and transferred it over is
there any way that I can check I have full access to all areas?

I am a beginner with Access and so the development has been done by a
temporary employee who has now handed the database over to me. Not
that I think he is an untrustworthy character but I would sleep easier
at night if I could check he has given me 100% of the database and
three months down the line I am not going to get told I can't change
something due to a security setting or without a password he has put
in there.

Any help/ suggestions would be very much appreciated.

Thanks

S

Jun 7 '07 #1
Share this Question
Share on Google+
2 Replies


P: n/a
I would start by accessing clicking Tools Startup and check that all
the boxes are ticked. If you can't see a 'Startup' option you have had
already some restriction imposed.

Then look for the database window and make sure you can see all the
tables, queries, forms, reports, macros, modules, etc and check you
can access reports and forms in 'design' view.

Also try to access the VBA modules (Alt + F11) and see the written
code.

But the best one I think would be to ask your colleague!

Jun 7 '07 #2

P: n/a
Hi, Simon.
I would sleep easier
at night if I could check he has given me 100% of the database and
three months down the line I am not going to get told I can't change
something due to a security setting or without a password he has put
in there.
Let me play Devil's Advocate here. If you're a beginner now such that an
experienced Access database developer needed to create the database instead
of you, then three months from now you're still going to be a beginner.
You'll have learned a lot, but you'll still be a beginner in three months
because Access has a fairly steep learning curve. Therefore, an experienced
Access database developer is going to need to make those changes, unless
they're rather simple. An expert Access database developer can get past any
password or security setting, so you needn't worry that the next temporary
developer hired will be locked out of the database (unless your organization
refuses to hire an expert, which is a management decision and is completely
out of your hands -- so don't do any worrying about this on their behalf).

Now that you know the database is accessible despite your current level of
knowledge, will that help you sleep better?

If you're worried about passwords, there are only three kinds of passwords
built into Access: User-Level Security (which requires User ID and
password), Shared-Level Security (which is the database password), and the
VBA password. That doesn't mean that the developer didn't add passwords to
forms or reports using user-defined VBA procedures, but you'll have to look
at the VBA code yourself to determine that. And if you're asking us here
for that, then no amount of advice we can give you is going to help you
sleep better until you either hire someone to look at the code for you or
you get enough experience yourself.

What to check for on built-in password functionality:

1.) Navigate to the database file in Windows Explorer and double-click on
the file name. Are you prompted for a database password or a User ID and
user password? No? Then there aren't any passwords on the database file
you don't know about.

2.) Once the database file is opened, use the Database Window to select the
modules tab, then double click on one of the names to open it in the VB
Editor. Are you prompted for a VBA password? No? Then there isn't a VBA
password you don't know about.

3.) Go back to the Access Window. Select the Tools -Options... menu to
open the Options dialog window. Select the View tab. Ensure the "Show
System Objects" check box is marked, then select the "OK" button. Select
the Tables tab in the Database Window and open the MSysObjects table. Check
the first two columns, "Connect" and "Database." If they're both empty,
then you don't have any linked tables and therefore no linked tables'
passwords you don't know about.

If either of those two columns has information, then it tells you what
database or file is being connected to for that particular table and you can
use that information to try to open that database or file. If you aren't
prompted for a password when you try to open it from whatever method is
appropriate outside of Access, then there aren't any linked tables'
passwords you don't know about.

Move over to the "Name" column and check for any row starting with "~sq_"
which is an embedded query (such as the row source for a combo box on a
form). You'll need to check the rest of the name to determine which
database object that embedded query is referring to so that you can check
the correct Record Source Property or Row Source Property for any password
used to connect if it happens to be a remote query in another Access
database file.

4.) Go back to the Database Window and select the Queries tab. Open each
query in Design View and right click in the upper pane above the grid.
Select "Properties" in the pop-up menu. Is the Source Connection Str
Property empty? Yes? Then there aren't any remote queries for other
databases, and therefore no external database passwords that you don't know
about. If it's not empty, then the connection information will tell you if
a password is required, just like the "Connect" column in the MSysObjects
table.

5.) Select the Tools -Security -User and Group Permissions menu.
Select the "Change Owner" tab, and select "Database" in the "Object Type"
combo box. If the <Current Databaseobject says Admin is the "Current
Owner," then you are home free. There is no User-Level Security applied to
the database file, and there are no user passwords you don't know about.

However, if it says <Unknownis the current owner, then User-Level Security
has been implemented (although not correctly, because _you_ snuck in without
the correct credentials) and you are not joined to the correct Workgroup
Information File. If the owner is any other user, then User-Level Security
has been implemented, and you need to know the password of the owner of the
database so that you can make future changes, or convert to an MDE database
file, or remove security so that you can either replicate the database or
convert the database to future versions of Access. The database developer
should tell you the User ID's and passwords of the database owner and any
other relevant users (such as test users). You don't need to know the
password of any real users to do your job, so don't ask.

Don't forget that any hacker can do these steps, too, so whatever passwords
you find, he'll find, too. A good rule of thumb is to never save a password
in an Access database file, because that's one of the first places hackers
look to find passwords, since beginning Access developers are so willing to
forgo security for convenience.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
Blogs: www.DataDevilDog.BlogSpot.com, www.DatabaseTips.BlogSpot.com
http://www.Access.QBuilt.com/html/ex...ributors2.html for contact
info.
Jun 7 '07 #3

This discussion thread is closed

Replies have been disabled for this discussion.