Hi Access experts,

I want to create my own database. The data collection will be
extremely pain-staking. I would like to create a Access database with
a front-end and back-end. The back-end will be encrypted. I would like
my users to use the database through the front-end but do not want
them to be able to steal my data in the backend. May I know if this is
possible without revealing the password?

Thank you.

klar wrote:
If the users are familiar with Access, then no, it is not possible. If they
are not familiar with it, and are not savvy enough to do some googling, then
yes, it is possible.

Per klar:
Put the data into an SQL Server DB - like the freebie version
that is often used w/Access.

Apply security such that nobody but you can get to the tables.

Then create stored procedures in the DB that supply the data you
want to feed into Access and then call them from Access when it's
time to load your forms.

A determined user can still scrape the screen, but at least they
cannot get to the tables.
--
PeteCresswell

Thank you for all your replies. The goal is not to have a perfectly
secure solution. This does not seem realistic based on what I
understand from Access. The goal is to inconvenience other people from
stealing the data and "reselling" it.

The requirement is to distribute the database as an stand-alone Access
file without requiring any networking. I encrypted the database with a
password. However, the moment the database is opened, the user is
prompted with a password. What if I want the user to be able to use a
front-end to use the database without releasing the password to them?
Can this be done? Any helpful internet links? My boss is chasing me on
this now. Thank you very much.

On Nov 25, 6:28*am, "(PeteCresswell)" <x...@y.Invalid> wrote:

You can hard-code the password into the connection strings of the linked
tables in your front end, but it will be clear text available to anyone who
knows to click ctrl-g and enter the command
?currentdb.tabledef("linked table name").connect
in the immediate window

klar wrote:

klar <klarbuf (AT) gmail (DOT) com> wrote:

The problem you face is essentially the same as faced by distributors
trying to encrypt DVDs - in the end the password must be accessible or the
user won't be able to access the content.

Your only real protection is copyright law - this kind of situation is
after all why copyright exists in the first place. Now it may be that what
you are selling is a collection of facts you've amassed which are not
themselves copyrightable, however your work as a whole can still be
protected by copyright, since a collection of facts can be a copyright work
taken as a whole. A dictionary is a good example - many of the entries in a
dictionary are too similar to all other dictionaries to be copyrightable,
but the dictionary as a whole is still a copyright work.

The protection afforded by access controls such as you are trying to
implement is actually mainly legal not cryptographic. Under the DMCA in the
USA and the Digital Copyright Directive in the EU, circumventing an access
control to gain an unauthorised form of access to copyright material is
itself an offence. So you may as well go ahead with an access function that
contains the password to the data, as long as you include some legal rubric
with the distribution that tells purchasers that they are forbidden to
access the material except through your interface on pain of prosecution
under the DMCA etc.

However IANAL so you should consult a copyright lawyer before putting your
product on the market.

If you are using the MDB format, and Access 2003 or earlier, you can put
enough security on the database that casual users will be kept out. Here are
a bunch of useful links. Pay particular attention to the first one, the
Microsoft Security FAQ. Read it several times, and always work on a copy
until you get it right:

Security FAQ
http://support.microsoft.com/support...ent/secfaq.asp

Lynn Trapp's summarization:
http://www.ltcomputerdesigns.com/The10Steps.htm

KB articles:
http://support.microsoft.com/default...;en-us;q165009
http://download.microsoft.com/downlo...-us/secfaq.exe
http://support.microsoft.com/default.aspx?kbid=325261

Joan Wild's articles:
http://www.jmwild.com/security02.htm
http://www.jmwild.com/security97.htm
http://www.jmwild.com/SecureNoLogin.htm
http://www.jmwild.com/Unsecure.htm
--
Arvin Meyer, MCP, MVP
http://www.datastrat.com
http://www.accessmvp.com
http://access.mvps.org
Co-author: "Access Solutions", published by Wiley


"klar" <klarbuf (AT) gmail (DOT) com> wrote

On Nov 25, 6:43*pm, "Arvin Meyer" <arv... (AT) invalid (DOT) org> wrote:
Have you considered using your own encryption for the backend
database? You can then embed the Key in a compiled front end database
and use queries (using the decrypt function) to retrieve all of your
data.

Here is a simple example of an XOR encryption:

On a form, create three textboxes (txtOriginal, txtEncrypted,
txtDecrypted) and two command buttons (btnEncrypt, btnDecrypt)


'********* start code **********
Private Function Encrypt(ByVal strInput As String, ByVal strKey As
String) As String
Dim iCount As Long
Dim lngPtr As Long

For iCount = 1 To Len(strInput)
Mid(strInput, iCount, 1) = Chr((Asc(Mid(strInput, iCount, 1))) Xor
(Asc(Mid(strKey, lngPtr + 1, 1))))
lngPtr = ((lngPtr + 1) Mod Len(strKey))
Next iCount
Encrypt = strInput
End Function
'****************
Private Sub btnEncrypt_Click()
Dim keystr As String

If IsNull(txtOriginal) Then Exit Sub
keystr = "BaNaNaS"

txtEncrypted = Encrypt(txtOriginal, keystr)

End Sub
'*****************
Private Sub btnDecrypt_Click()
Dim keystr As String

If IsNull(txtEncrypted) Then Exit Sub
keystr = "BaNaNaS"

txtDecrypted = Encrypt(txtEncrypted, keystr)

End Sub
'********** end code ************

You can use this function in a routine that steps through all of the
critical data in your tables and encrypts it.

Tom R