Results 1 to 5 of 5
  1. #1
    Join Date
    Jun 2003
    Location
    Romania
    Posts
    2

    Red face Unanswered: Encrypt mdw file?

    Hello everyone,
    I have an access2000 aplication with security implemented, used on a server.
    I saw a program which hack the mdw workgroup file...and then anyone can see the users defined in mdw file, and the correspounding passwords. S, anyone can login with the administrator rights into the database...which can be very bad!!!!

    Is there any posibility to encrypt the mdw file????
    Thank you!

  2. #2
    Join Date
    May 2003
    Location
    Dallas
    Posts
    817
    Provided Answers: 5
    I do not think that you can with the encryption util in access.
    I believe there are other 3rd party vendors to encrypt but then they will have to invoked prior to access loading and looking at the mdw file

    What application is that you saw that looks at the PID and Password for the mdw - I was under the impresion that this was encrypted as well


    you can use notepad to view the mdw file (users only) but PID, password and other data is encrypted (i think)

  3. #3
    Join Date
    Jun 2003
    Location
    Romania
    Posts
    2

    Unhappy

    Thank you for your prompt answer!

    Unfortunately...this application exists...and yes, the passwords are encrypted, but this program decripted them.

    I tried to encrypt...or something (I thought like double encrypt or another encryption algoritm...) with the function from Tools->Security->Encrypt/Decrypt. But...it does not solve the problem. The passwords can be still founded.

    And..as the mdw file must be accessible to everyone...

    I can see no other solution but to write a VB application...which to connect to the access db...and handle the data. This is the only safe method I can find. And users and security to be implemented in VB modules. It is just a lot of work to be done!

    Any other ideea will be appreciated!

    Thank you everyone!

  4. #4
    Join Date
    May 2003
    Location
    Dallas
    Posts
    817
    Provided Answers: 5
    perhaps this will help

    Place the mdw file in a secure folder where only the users who have access to the mdw are allowed to view that folder.

    make sure that the security on that folder only allows read, access, and perhaps modify (only for those users) and no copy , delete, write permissions for those users and NO access for anyone else.

    When the user comes into the app have a hidden procedure that writes their id, time of access and time of exit to a linked table in your secure folder.

    At least that will help you monitor the flow of file access

    One more question:
    Did you create a new mdw file or are you using the default system.mdw file that comes with Office?

  5. #5
    Join Date
    May 2003
    Location
    Dallas
    Posts
    817
    Provided Answers: 5

    BTW - at my office we are a bit paranoid and write to log files for addition of records, modifications, deletes and the opening of certain forms.



    One more thing - what is the name of the app that does this - I am going to contact some of my friends at MS and check into a better security solution.
    Last edited by axsprog; 06-18-03 at 11:15.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •