I am using Access 2007 and I am a complete ignoramus with this stuff.
I have designed a modal login form for my database that is working perfectly. I did this by placing an invisible dlookup that finds the correct password for the employee id that was entered as the username. This lookup is compared to the password the user entered and, if they are equal, the form closes.
Here is the code that I used: -
Private Sub cmmndLogIn_Click()
-
-
'Check to see if data is entered into UsernameSelect
-
-
If IsNull(Me.UsernameSelect) Or Me.UsernameSelect = "" Then
-
MsgBox "You must select the name of a current call center employee.", vbOKOnly, "Required Data"
-
Me.UsernameSelect.SetFocus
-
Exit Sub
-
End If
-
'Coded in by Jesse Jones on 1/21/10
-
-
'Check to see if data is entered into PasswordEnter
-
-
If IsNull(Me.PasswordEnter) Or Me.PasswordEnter = "" Then
-
MsgBox "You must provide a password.", vbOKOnly, "Required Data"
-
Me.PasswordEnter.SetFocus
-
Exit Sub
-
End If
-
'Coded in by Jesse Jones on 1/21/10
-
-
'Lookup correct password for value entered in UsernameSelect
-
-
Me.EmpPasswordLookup.Value = DLookup("[EmpPassword]", "Employees", "[EID] ='" & Me.UsernameSelect & "'")
-
'Coded in by Jesse Jones on 1/21/10
-
-
'Compare value of PasswordEnter to EmpPasswordLookup
-
-
If Me.PasswordEnter.Value = Me.EmpPasswordLookup.Value Then
-
-
-
'Close logon form
-
-
DoCmd.Close acForm, "formLogOn", acSaveNo
-
-
Else
-
MsgBox "Invalid Username/Password. Please try again.", vbOKOnly, "Invalid Entry!"
-
Me.PasswordEnter.SetFocus
-
Exit Sub
-
End If
-
'Coded in by Jesse Jones on 1/21/10
-
-
-
End Sub
-
'Coded in by Jesse Jones on 1/21/10
-
What I would like to do is require a password change if the user's password is the default password assigned to all new employees ("setup1").
So, if the password is "setup1" I want to require it to be changed automatically through a form. If it is any other password, I simply want it to be authenticated.
Can anyone please help me with this? This is the first design work I have ever done.
Thank you!
Hi Jesse,
Welcome to Bytes!
It looks like you've basically got the problem solved. You just need to add a couple of lines of code before line #28. Type in: -
If Me.EmpPasswordLookup.Value = "setup1" Then
-
Msgbox "You must change your password"
-
Exit Sub
-
End If
-
Instead of using the Exit Sub line, you could use... -
DoCmd.Close Me.Name
-
DoCmd.OpenForm "YourPasswordChangeForm"
-
...to close the current form and open the password change form.
Hope this helps and good luck,
beacon
8  13844 
Hi Jesse,
Welcome to Bytes!
It looks like you've basically got the problem solved. You just need to add a couple of lines of code before line #28. Type in: -
If Me.EmpPasswordLookup.Value = "setup1" Then
-
Msgbox "You must change your password"
-
Exit Sub
-
End If
-
Instead of using the Exit Sub line, you could use... -
DoCmd.Close Me.Name
-
DoCmd.OpenForm "YourPasswordChangeForm"
-
...to close the current form and open the password change form.
Hope this helps and good luck,
beacon
Can't the users edit the table directly and change their password and see other people's passwords?
Perfect. Thanks for your help, Beacon. I knew it was simple, but I didn't know what it was.
They can right now, rabbit, but I'm writing user-level permissions. When this goes live, they won't even know that table exists.
Access 2007 right? Didn't they remove user level security? Or are you implementing user level security through VBA? That's not very secure since you can just stop code from running.
Anyways, you should probably read this article before you decide to store everything as plaintext. http://www.codinghorror.com/blog/200...correctly.html
Either way, if security is a real concern, using Access to implement it is not the best choice.
Rabbit, thanks for the tips and the link. You're right, storing passwords is always a security concern. However, this is in internal database which will never be open to public. Security is not my highest priority on this database. I can admit that. My goals are 1. basic security to keep honest users and those who aren't grasping their training quickly from destroying this database and 2) to auto enter user information into various forms and datasheets.
Having said that, I am aware of the shift bypass key (I assume this is to what you are referring, but as I said, I am below a novice on this stuff) but also understand that there is a way to disable this.
Thank you for the advice. If I am totally missing the boat, please feel free to let me know. I appreciate the tips and insight.
As long as you're aware of the implications and the risk is not a concern then it shouldn't be a problem.
@Jesse - I'm glad it worked for what you're doing Jesse. Good luck with the rest of the project.
@Rabbit - Not to hijack Jesse's post, but what other methods would you suggest to secure a database? Is it possible to encrypt passwords using hash values instead of as plain text?
Yes, you can encrypt a password using a hash. A hash is a one way encryption. Towards the bottom of this thread, we discuss password hashing. http://bytes.com/topic/access/answer...ption-password
If you want to discuss other options, please create a new thread and we can go over it there.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: David |
last post by:
Hi, It's easy, visit http://www.ccsoftcn.com and download Access
Password Recover 1.62 to help you.
Can receive the correct password within 1 second.
Can change or clear password for the...
|
by: mrouleau |
last post by:
I am sorry if this is the wrong group to ask, if so please point me in
the correct direction.
My problem is I have an MDB file with user-level security on it
(mdw). When i move it over to a...
|
by: lineah |
last post by:
How can J use animated icons or play avi file in microsoft access 12
|
by: tbeers |
last post by:
I am currently using Access 2003 and am pretty satisfied. I have to deploy numerous appications this year. Any reason to go to Access 2007 for development and use the apparently free "runtime"...
|
by: =?Utf-8?B?QW15?= |
last post by:
I'm currently using Microsoft Office 2007 which includes Access. I have set
up a secondary language in my computer since this is required, however I have
set the default input language as English...
|
by: fifothekid |
last post by:
Hi everybody,
I made a primitive cost control database system using Microsoft Access 2007 as a front-end (don't ask my why did I use Microsoft Access!!!) and SQL Server 2005 Enterprise as a back-end...
|
by: rebel4ever |
last post by:
The Microsoft Access 2007 has a nice feature to collect data from an e-mail. It can be used by accessing the External Data > Create E-mail menu, and from there there's a series of questions and...
|
by: Seun Oguntomini |
last post by:
Hi,
How are you and work? Pls am a user of Microsoft Access 2007. There is need for me to enter multiple words in a field in MS Access 2007 which am finding it difficult to do
For me to be able...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
