Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    Join Date
    Feb 2008
    Posts
    11

    Question Unanswered: ACCDB 2007 format

    hello, is it possible to programmatically set or change the password to an accdb file from within an application? (my app is written in VB 6)
    i know this was possible in the old mdb format but what are the options for the new format? i must use the accdb format for security reasons.

    thanks!

  2. #2
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    i must use the accdb format for security reasons.
    Can't see why since the new format has had security stripped. The older formats are in fact more secure.

    As for the main question, no idea sorry. I've never tried to do such a thing.
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

  3. #3
    Join Date
    Feb 2008
    Posts
    11

    Red face

    Quote Originally Posted by StarTrekker
    Can't see why since the new format has had security stripped. The older formats are in fact more secure.

    As for the main question, no idea sorry. I've never tried to do such a thing.
    had security stripped? can you explain further? how has the accdb security been bypassed? are you saying that an encrypted password protected accdb file can be opened or something by anyone? password cracker? sorry, just wanting to understand better.

  4. #4
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    There are / will be password crack tools to not only bypass but reveal such passwords to you. Any idiot with the right tool will be able to do this -- or already can. Just as it has been for all versions of Access.

    The only form of security that has been worthwhile in Microsoft Access was User Level security and that has been trashed in Access 2007, instead of improved upon.
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

  5. #5
    Join Date
    Feb 2008
    Posts
    11

    Thumbs up wow

    okay, well yea i googled for a long time for such a tool and came up with nothing so i guess we'll just have to wait it out and see how long it takes someone to come up with something....hopefully a long time. if you find something though, please let me know dude. i'd be very interested in it!
    thanks again.

  6. #6
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    Breaking through passwords in Access 2007.

    Hmm... Done. Found one in less than 5 minutes with Google, but I'm not pasting a link to a warez site. Might be against the rulez here. I couldn't find the rulez here tbh, but I am the rulez god on another forum, so I know how to be good

    In any case, passwords in 2007 are now completely useless.

    Quite annoying that Microsoft got rid of Userlevel Security really. ACCDE files is the only effective way of securing code and that will be beaten soon enough. The only thing that used to work was that Userlevel Security.
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

  7. #7
    Join Date
    Feb 2008
    Posts
    11

    Thumbs up ok well

    Quote Originally Posted by StarTrekker
    Breaking through passwords in Access 2007.

    Hmm... Done. Found one in less than 5 minutes with Google, but I'm not pasting a link to a warez site. Might be against the rulez here. I couldn't find the rulez here tbh, but I am the rulez god on another forum, so I know how to be good

    In any case, passwords in 2007 are now completely useless.

    Quite annoying that Microsoft got rid of Userlevel Security really. ACCDE files is the only effective way of securing code and that will be beaten soon enough. The only thing that used to work was that Userlevel Security.
    can't you PM me it instead of posting it???? or tell me the search words you used in google? : )

  8. #8
    Join Date
    Feb 2008
    Posts
    11
    lol..."still waiting" haha.
    maybe it's a real safe kept dark secret? :P

  9. #9
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    Don't forget time zones ... I have to sleep sometime

    I could PM it to you, but first tell me why you need it. The fact is that it's there. Do a google search for yourself if you don't believe me. I searched for:

    "access 2007 password" crack

    From there it won't take long to find one. Just make DAMNED sure your anti-virus software is working well, up to date etc and I strongly recommend you have something like NoScript installed before you click even one link from the results. Ignore this warning at your own peril.
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

  10. #10
    Join Date
    Feb 2008
    Posts
    11

    Thumbs up

    Quote Originally Posted by StarTrekker
    Don't forget time zones ... I have to sleep sometime

    I could PM it to you, but first tell me why you need it. The fact is that it's there. Do a google search for yourself if you don't believe me. I searched for:

    "access 2007 password" crack

    From there it won't take long to find one. Just make DAMNED sure your anti-virus software is working well, up to date etc and I strongly recommend you have something like NoScript installed before you click even one link from the results. Ignore this warning at your own peril.
    i only need it to test against my accdb file for the program i am writing. not using it for ill intent at all. yes i use NOD32 and it's up to date...

  11. #11
    Join Date
    Feb 2008
    Posts
    11

    Thumbs down look

    from the first result from your search criteria "access 2007 password crack":
    1st result:
    "Passwords to open are extremely hard to break in Office 2007. To recover the password, brute-force attack or dictionary search must be used. These programs have been developed in such a way that even the most optimized password breaker works very slowly. There is no easy solution and no success guarantee. Unless the password is very short or a constitutes a simple dictionary word, you have to spend a lot of computing resources to recover it."

    and the 2nd result from the google search...nope, no dice dude...everything tries to bruteforce the password...well good grief. that's useless!! any good password other than "sally" or normal words like that are safe.
    Every program on the first 3 pages i tested...NONE of them work : )
    all try and bruteforce because that is the only way it can be done. so in other words, it can't be done : ) any secure password isn't going to be revealed by any of these programs...

  12. #12
    Join Date
    Nov 2007
    Location
    Adelaide, South Australia
    Posts
    4,049
    As long as you're happy with it then I guess it's secure ^^
    Owner and Manager of
    CypherBYTE, Microsoft Access Development Specialists.
    Microsoft Access MCP.
    And all around nice guy!


    "Heck it's something understood by accountants ... so it can't be 'that' difficult..." -- Healdem
    "...teach a man to code and he'll be frustrated for life! " -- georgev

  13. #13
    Join Date
    Feb 2008
    Posts
    11

    Talking lol

    Quote Originally Posted by StarTrekker
    As long as you're happy with it then I guess it's secure ^^
    well honestly it's really not a matter of being happy with it, i'm just going by the facts. and the facts that i've read about this on every link and every program i've tried to crack the password, clearly show that the only way you can crack the password is with a dictionary attack or brute force. well good lord, of course i'm happy with that. every frigg'n mechanism is vulnerable to a dictionary attack or brute force. A good long password with caps and mixed letters/numbers would take forever and a day to crack, IF that was even possible. so yea dude, that clearly is something to be happy about.

  14. #14
    Join Date
    Dec 2002
    Location
    Préverenges, Switzerland
    Posts
    3,740
    mmmmm
    try encrypting a fixed plaintext in AES/Rijndael - different cyphertext result each time. have a go cracking that with dictionary/rainbow attacks.

    izy
    currently using SS 2008R2

  15. #15
    Join Date
    Feb 2008
    Posts
    11

    Wink true

    Quote Originally Posted by izyrider
    mmmmm
    try encrypting a fixed plaintext in AES/Rijndael - different cyphertext result each time. have a go cracking that with dictionary/rainbow attacks.

    izy
    i agree 100%. and i'm not saying that this is anything compared to something like that. i use that encryption in the trucrypt program for mounting encrypted drives on my system to protect my data. good stuff. i'm just saying though that MS has at least made it far more difficult to get the password in access this time instead of using the old fumbling mechanism in previous versions. so a good password would still take a lifetime to guess, and when i'm dead and gone i dont care who has the password : ) heheh.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •