none
MS Access 2016 encrypted back end database security problem RRS feed

  • Question

  • I have developed a MS Access 2016 database. It is split and the back end has been encrypted with a password. I have linked the back end tables to the front end successfully (using the password) and have saved it as an .accde file type.

    It all works very well. However, l decided to test the security by opening a blank database and trying to import objects from the front end (the accde). It allowed me to import the links to the back end tables without a password. It also allowed me to change the data.

    Is this normal or am I missing something? The whole point of creating an encrypted back end was to stop the users having direct access to the tables. If they can easily connect to them by importing the links in to a blank database, then it defeats the object of an encrypted back end.

    Any advise on this would be appreciated.

    Thursday, February 18, 2016 12:55 PM

Answers

  • Okay, yes you can Import all objects including the Linked Tables. Still only those you give access to the FE and permissions on the BE can do this. Make sure you control the permissions on the Folders and this will help prevent issues.

    Just takes a click to give thanks for a helpful post or answer.
    Please vote “Helpful” or Mark as “Answer” as appropriate.
    Chris Ward
    Microsoft Community Contributor 2012

    Thursday, February 18, 2016 2:58 PM
  • You may wish to avoid the built in connection to the BE and build your own connection through code. This should prevent others from importing the objects through the interface. Have a look at this link if you want to know more about it.

    jstreettech.com


    Just takes a click to give thanks for a helpful post or answer.
    Please vote “Helpful” or Mark as “Answer” as appropriate.
    Chris Ward
    Microsoft Community Contributor 2012

    Thursday, February 18, 2016 3:15 PM

All replies

  • Did you encrypt the FE?

    I think maybe you are linking to the BE directly or you have the actual Tables in the FE and just think you are connecting to the BE Tables. In Access 2007, 2010, 2013 & 2016 I can not recreate your issue. Look at the Tables in the FE and make sure they have the right pointing arrows as linked Tables will have. If they do not, then they are embedded Tables not Linked Tables.


    Just takes a click to give thanks for a helpful post or answer.
    Please vote “Helpful” or Mark as “Answer” as appropriate.
    Chris Ward
    Microsoft Community Contributor 2012


    • Edited by KCDW Thursday, February 18, 2016 2:23 PM
    Thursday, February 18, 2016 2:18 PM
  • Thanks for your response Chris.

    They are definitely linked tables in the front end. Linked to the encrypted back end.

    If you try and LINK from a blank database to the front end you do not get the option to link to the tables, however, if you IMPORT objects from the front end it does import the link without you having to enter a password. This is confirmed by looking at the hidden object tables in the blank database which then contains the password to the back end.

    Unfortunately adding encryption to the front end would not help.

    If a user knows the password to open the encrypted front end then they would be able to use that to import the table links in to a blank database.


    Thursday, February 18, 2016 2:42 PM
  • Okay, yes you can Import all objects including the Linked Tables. Still only those you give access to the FE and permissions on the BE can do this. Make sure you control the permissions on the Folders and this will help prevent issues.

    Just takes a click to give thanks for a helpful post or answer.
    Please vote “Helpful” or Mark as “Answer” as appropriate.
    Chris Ward
    Microsoft Community Contributor 2012

    Thursday, February 18, 2016 2:58 PM
  • You may wish to avoid the built in connection to the BE and build your own connection through code. This should prevent others from importing the objects through the interface. Have a look at this link if you want to know more about it.

    jstreettech.com


    Just takes a click to give thanks for a helpful post or answer.
    Please vote “Helpful” or Mark as “Answer” as appropriate.
    Chris Ward
    Microsoft Community Contributor 2012

    Thursday, February 18, 2016 3:15 PM
  • Thanks..... Looks very interesting.
    Thursday, February 18, 2016 4:27 PM