Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    Join Date
    May 2006
    Posts
    386

    Unanswered: How can I Stop two users using the same username and password

    Again me! I have a table consisting of Users usernames and passwords. I have created a log in form as well where users select their usernames from the Combox and then enter their password in the password field then click ok to enter the main DB.
    I have just noticed that more than one person can use the same username and password at the same time AND this is not what I want.

    Is it possible to somehow stop two users using the same username and password? probably by flagging a message that This username is already in Use.

    Any help would be very much appreciated.

    regards
    emi
    Emi-UK
    Love begets Love, Help Begets Help

  2. #2
    Join Date
    Jun 2005
    Location
    Richmond, Virginia USA
    Posts
    2,763
    Provided Answers: 19
    The first question that comes to mind, of course, is how do two people know one person's password??? This situation kind of negates the whole point in having password limited access! And who do you want to grant access to, the first person who tries to go into the app, or the person who actually "owns" the user name/password? And what does the entitles user do if he/she tries to get in second? While I'm sure it's possible to check and prevent a second person from logging on in this manner, you really need to address this problem at the source, your users. If you don't do this you may as well scrap your "security!"
    Hope this helps!

    The problem with making anything foolproof...is that fools are so darn ingenious!

    All posts/responses based on Access 2003/2007

  3. #3
    Join Date
    May 2006
    Posts
    386
    Thank for your very prompt response.
    With regards to your first question: there are 8 users in a small office and some of them do know each others and due to the approximaty of office space it is inevitable to stop others knowing each others password. Alsoy they may want to user other persons username so when some mistakes happen, the actual user is blamed.

    Your 2nd question: I want to grand the access to the person who actually owns that username/password.
    Your 3rd Question: They second user should not be able to log in as any of the users who is already logged in as everyone has been given a username and password of their own.

    As i mentioned above, due to the nature and space of the office we have to have separate usersnames and passwords even if they know each others username and password. That is why I want to know if I can stop two users using the same username and password. And if 2nd user tries to use the same username and password then they he/she should be prompted with a messaging flagging "This username is already in use". This way, the user will know someone else is using his/her username and password.

    Thank you for your time.
    Emi-UK
    Love begets Love, Help Begets Help

  4. #4
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    Use the credentials from the currently logged in user. If they know each other's physical account password, then you're fighting a lost cause. Also consider beefing up your audit facilities, right now.
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  5. #5
    Join Date
    May 2006
    Posts
    386
    I am sorry. I couldnt exactly get what you meant by " Use the credentials from the currently logged in users" could you please clearly explain how can I stop two users using the same username and password while one user is already logged in.

    I know it sounds a bit silly and I also know that the aim for setting up username and password is that other users shouldnt know each others username and password to ensure security. Unfortunately, this is not possible in our environment and that is why I am seeking help from the forum members to help me stop two users using the same username and password ESEPCIALLY when one username is already logged in.

    Thank you for your help.
    regards
    emi-uk
    Emi-UK
    Love begets Love, Help Begets Help

  6. #6
    Join Date
    Sep 2003
    Location
    MI
    Posts
    3,713
    Well you could use a "tracking" table ... One that lists every user logged in ... But, you have a problem: Say that you're a user (or admin) who needs to do something "ad-hoc" on another machine ... Then you'd be blocking legitimate double (and sometimes more) logins for a particular user ...
    Back to Access ... ADO is not the way to go for speed ...

  7. #7
    Join Date
    May 2006
    Posts
    386
    Do you mean that If I create a "Tracking Table" "Which I dont know how to create such table to track users logged in" then I cannot modify the DB? Or what?
    For your info: At the moment we have 6 front Ends and the back end is in my computer with a copy of front end as well. whenever I bring any changes to the DB, I always do the samething on all front ends one by one.

    Thank you for your further assistance.
    Emi-UK
    Love begets Love, Help Begets Help

  8. #8
    Join Date
    Sep 2003
    Location
    MI
    Posts
    3,713
    Quote Originally Posted by Emal
    Do you mean that If I create a "Tracking Table" "Which I dont know how to create such table to track users logged in" then I cannot modify the DB? Or what?
    For your info: At the moment we have 6 front Ends and the back end is in my computer with a copy of front end as well. whenever I bring any changes to the DB, I always do the samething on all front ends one by one.

    Thank you for your further assistance.
    Not at all ... You can do whatever you want to ... As for creating a "tracking" table ... You DO know how to create tables in Access don't you???? If yes, then well ... Make one. Have your login or startup form write the login ID to that table ...
    Back to Access ... ADO is not the way to go for speed ...

  9. #9
    Join Date
    May 2006
    Posts
    386
    Thanks for your prompt reply. yes, I very well know how to create and modify tables in access. I also already have a table which has my usernames and passwords stored in it. This table has 3 fields ( UserId, Name, Password) field.
    My login form which is called fmlogin is not sourced from any table or query. It is an empy form then I have added contents of the table that has the username and passwords + a command button that users click after entering their usernames and password.

    I hope im not confusing you.
    Could you please advise further?
    Last edited by Emal; 09-21-06 at 13:01.
    Emi-UK
    Love begets Love, Help Begets Help

  10. #10
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    Quote Originally Posted by Emal
    I am sorry. I couldnt exactly get what you meant by " Use the credentials from the currently logged in users" could you please clearly explain how can I stop two users using the same username and password while one user is already logged in.
    I meant base your security on NT credentials.
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  11. #11
    Join Date
    Feb 2006
    Posts
    59
    I would suggest to use a tracking table like for e.g make a table usrcheck with initally just a usename field in it . set its property to unique so that a duplicate record isnt entered . now the function of this table should be that when a user enter's his or her password his username should get copied into the usrcheck table and since the property of tht username field is set to unique . another username will not be entertained by the usrcheck table . so no duplicate usernames on the database. and also when a user exits just flush out his username from that table

  12. #12
    Join Date
    May 2006
    Posts
    386
    Are you suggesting that without any relationship or anything else, I should just created a table as you described with only one field in it called "name" because the table that has the usernames and passwords has also the username field as "name" and it should just work? or are there anyother steps that I have follow or complete before the table does what it is expected of it?

    I have just created the table and first of all couldnt find where the properties of the "name" field was but i did change the index to "Ye, No Dublicate"
    but the users can still user each others usernames at the sametime.
    Could you please advise further?

    thank you for your time. Any help would be much appreciated.
    Last edited by Emal; 09-23-06 at 10:41.
    Emi-UK
    Love begets Love, Help Begets Help

  13. #13
    Join Date
    Dec 2004
    Location
    Madison, WI
    Posts
    3,926

    User names

    Take a look at the example. Maybe it will give you some insight on a different approach - I HATE having to login and enter a password to get into a program.
    Attached Files Attached Files
    Expert Database Programming
    MSAccess since 1.0, SQL Server since 6.5, Visual Basic (5.0, 6.0)

  14. #14
    Join Date
    Dec 2003
    Location
    Dallas, TX
    Posts
    1,004

    Cool

    Quote Originally Posted by Emal
    I am sorry. I couldnt exactly get what you meant by " Use the credentials from the currently logged in users" could you please clearly explain how can I stop two users using the same username and password while one user is already logged in.

    I know it sounds a bit silly and I also know that the aim for setting up username and password is that other users shouldnt know each others username and password to ensure security. Unfortunately, this is not possible in our environment and that is why I am seeking help from the forum members to help me stop two users using the same username and password ESEPCIALLY when one username is already logged in.

    Thank you for your help.
    regards
    emi-uk
    Ok, can we just back this puppy up to the beginning again. I am a simple mind so this might seem odd. No matter the size of the office, but seemingly, no rule of law applies there. If you are having everyone know and use each others username and password, WHY even have it in the first place? It doesn't permit or not-permit like any system I know of that uses username and passwords. Not being able to Truly identify who is accessing the database anyway, what is the purpose? If I perhaps could log in as Username: Emal and the password: privatepassword and all this being YOUR username and password, what is it's purpose?
    Now, being that ANYONE can log in as anyone and know their password, WHY are you wanting to track it? To what ends does it matter? If someone deleted info. accidentally, will you REALLY know who did it? A Tracking table will do no more than say that SOMEBODY did it. But in reality who? Who knows. So unless you are going to use Usernames and Passwords for what they were meant, you truly are wasting your time. Not being cruel, just factual and looking at reality. Just so that you can maybe better spend time getting the office in compliance with some rules.
    have a good one,
    BUD

  15. #15
    Join Date
    Jun 2005
    Location
    Richmond, Virginia USA
    Posts
    2,763
    Provided Answers: 19
    I agree with Bud! I've haven't joined back in the conversation since my original post for the all the reason he states. Tracking is useless if you can't identify who you're tacking! You're spitting in the wind doing anything if user names and passwords aren't kept secret. Given these circumstances, there's nothing short of going to some sort of biometric security system that will help, unless, of course, you simply fire anyone caught using a username/password other than their own!
    Hope this helps!

    The problem with making anything foolproof...is that fools are so darn ingenious!

    All posts/responses based on Access 2003/2007

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •