locked
Connecting to remote Mysql - ODBC RRS feed

  • Question

  • We have an Access app using MYSQL as backend. We set up users in Mysql, and have a login form that connects and refreshes tables. 

    1st question: how would users reset password? do need to train someone in IT to do in Mysql cli or workbench? 

    2nd: what is best way to get specific error info back from odbc (to pass specific message to user that login failed due to authentication or database offline) . We're getting a generic code back from ODBC, regardless of error type.  

    thanks!

    Friday, December 18, 2020 2:32 AM

Answers

  • It depends on your security priorities...or in other words how relaxed are you regarding this issue.

    You could have a separate form where a user could answer 3 security questions and depending on the outcome have a hard coded user account execute a stored procedure to change the user's password (maybe with some extra hidden data like IP address,Computer/Username, HDD serial you name it)

    Or the manual way of having a person doing the reset ...again maybe with the help of a small utility application that will do exactly this

    or plain manual via a 3rd party utility....

    • Marked as answer by donnyc Sunday, December 20, 2020 1:07 AM
    Friday, December 18, 2020 11:21 AM

All replies

  • If you are on a Domain network: why even bother with logins. Just ask Windows who is logged in, and ask Active Directory which groups the user is a member of. Then assign rights accordingly.

    See also: http://www.accesssecurityblog.com/post/Securing-Access-databases-using-Active-Directory.aspx


    -Tom. Microsoft Access MVP

    • Proposed as answer by KHURRAM RAHIM Saturday, December 19, 2020 6:01 PM
    Friday, December 18, 2020 2:59 AM
  • It depends on your security priorities...or in other words how relaxed are you regarding this issue.

    You could have a separate form where a user could answer 3 security questions and depending on the outcome have a hard coded user account execute a stored procedure to change the user's password (maybe with some extra hidden data like IP address,Computer/Username, HDD serial you name it)

    Or the manual way of having a person doing the reset ...again maybe with the help of a small utility application that will do exactly this

    or plain manual via a 3rd party utility....

    • Marked as answer by donnyc Sunday, December 20, 2020 1:07 AM
    Friday, December 18, 2020 11:21 AM
  • while I realize the question is about login method; am wondering why the need to "connects and refreshes tables"  ?? ..this is not normally needed....
    Friday, December 18, 2020 1:23 PM
  • thanks Tom - I will check, but I don't believe all the users will be on same domain with AD. I will def look into that in future, as I just now seeing that AWS RDS mysql can talk to AD. 
    Friday, December 18, 2020 8:36 PM
  • yes, I spoke incorrect. the login really just does handshake via dsn-less connection string, and then execs "select 1" - Then the prior linked tabledefs (with same connection string) are accessable.  
    Friday, December 18, 2020 8:47 PM
  • thanks John!

    with the separate form option and 3 questions..

    * for those questions, assume would store 3 diff for everyone. Then for a later reset attempt, pass the user's answers in SP to validate, and if good, change that users Password..interesting..

    * also, when storing the answers initially, also grab something like IP address or HDD serial, to use as a secondary check? ...very cool..:)

    lastly, would you happen to be famiiiar with any utilities, plugins that may handle allowing users resetting their own password?  

    thanks again!! 

    Friday, December 18, 2020 9:31 PM