Results 1 to 6 of 6
  1. #1
    PinkishToe is offline Novice
    Windows 10 Access 2013 32bit
    Join Date
    Dec 2021
    Posts
    3

    Preventing alteration of allowbypasskey property from an outside database


    Hi all,

    I have looked high and low but haven't come up with an answer to this yet.

    Using MS Access 2013, and an accdb file, how can you prevent users from changing the allowbypasskey from outside the database?

    I can secure it once the database is opened, and shuts down but a user can still changing it by referencing it from another Access project.

    So, is there a way to prevent changes to this property in a .accdb file?

    Thank you

  2. #2
    PinkishToe is offline Novice
    Windows 10 Access 2013 32bit
    Join Date
    Dec 2021
    Posts
    3
    I will mention, I am open to using accde files as well.

  3. #3
    isladogs's Avatar
    isladogs is offline Very idle programmer
    Windows 10 Office 365
    Join Date
    Jan 2014
    Location
    Somerset, UK
    Posts
    5,188
    Sorry to tell you this...but you can't prevent knowledgeable Access users re-enabling the shift bypass externally in an ACCDB file.
    ACCDE files will be more secure but not immune from hacking

    Never rely on the shift bypass feature alone for security. See my article Improve Security 2 - Mendip Data Systems (isladogs.co.uk)
    Colin (Mendip Data Systems): Website, email
    Try again. Fail again. Fail better.
    A
    sking for help isn't giving up. Its refusing to give up.

  4. #4
    PinkishToe is offline Novice
    Windows 10 Access 2013 32bit
    Join Date
    Dec 2021
    Posts
    3
    Thanks for your input, however I still don't see how your solution would stop users from enabling the bypass, and with appropriate knowledge, showing the tables

  5. #5
    isladogs's Avatar
    isladogs is offline Very idle programmer
    Windows 10 Office 365
    Join Date
    Jan 2014
    Location
    Somerset, UK
    Posts
    5,188
    As already stated, it is IMPOSSIBLE to prevent anyone re-enabling the shift bypass externally
    My various suggestions are designed to add additional layers of security to make it that much harder to gain access

    Using an ACCDE file is one such step...
    BUT as the first part of the article clearly states:
    Access databases can NEVER be made 100% secure
    A capable and determined hacker can break any Access database given sufficient time and motivation.
    However, by erecting various barriers, it is certainly possible to make the process so difficult and time consuming that it isn't normally worth attempting.

    NOTE
    It is possible to make all tables deep hidden so these never appear in the navigation pane even if hidden & system objects are both ticked.
    That is an approach that I use regularly.
    However, even doing that isn't 100% secure. An expert can still overcome that approach externally
    Colin (Mendip Data Systems): Website, email
    Try again. Fail again. Fail better.
    A
    sking for help isn't giving up. Its refusing to give up.

  6. #6
    Ajax is online now VIP
    Windows 10 Access 2010 32bit
    Join Date
    Mar 2015
    Posts
    9,567
    I still don't see how your solution would stop users from enabling the bypass, and with appropriate knowledge, showing the tables
    As Colin has said, simple answer is - you can't stop knowledgeable users from enabling the bypass. Suggest you read the rest of Colin's articles on securing an access database. Point is because you can't you need to do other things such has hiding the navigation window, the ribbon etc. which Colin explains

    In summary of Colin's link, If you want to protect data, password protect the back end (if your app isn't split, that is your first problem, so split it). Use a .accde for the front end, don't use linked tables and don't use queries. Instead generate these objects in your code as and when required at runtime. Even then a knowledgeable user can possibly still find the password to the back end so obfuscate your code and use encryption for your passwords as well.

    You won't find an off the shelf solution (what would be the point of advertising 'this is how to break into my database'?) you need to make your own. You might find some suggestions if you google 'secure an access database' or similar.

Please reply to this thread with any new information or opinions.

Similar Threads

  1. Toggle AllowByPassKey Property
    By Paul H in forum Database Design
    Replies: 12
    Last Post: 10-25-2017, 11:01 AM
  2. Latitude and Longitude alteration
    By tmcrouse in forum Access
    Replies: 3
    Last Post: 11-19-2015, 10:40 AM
  3. Create Property for AllowBypassKey
    By robbeh in forum Programming
    Replies: 2
    Last Post: 11-11-2014, 03:56 PM
  4. Process Alteration Database Design Methodology.
    By cap.zadi in forum Database Design
    Replies: 9
    Last Post: 10-30-2012, 03:51 AM
  5. Preventing changes in a split database file
    By kcollop in forum Database Design
    Replies: 2
    Last Post: 07-23-2012, 02:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Other Forums: Microsoft Office Forums