ACC: Overview of How to Help Protect a Microsoft Access Database

This article provides an overview of how you can secure a database so that it is not changed or copied by other Microsoft Access users.

This article assumes that you have a thorough understanding of the pieces that make up the Microsoft Access security model: workgroups, accounts, ownership, and permissions. For more information about the Microsoft Access security model, you can obtain the "Security Wizard and White Paper for Version 2.0" document.

For information about how to download the "Security Wizard and White Paper for Version 2.0," please see the following article in the Microsoft Knowledge Base:

122036  (http://support.microsoft.com/kb/122036/EN-US/ ) ACC2: Security Wizard and White Paper for Access 2.0 Available

For an overview of how to secure a database in Microsoft Access version 7.0, search the Help index for "security, user-level security" and display the topic, "Secure a database using the Security Wizard."

For an overview of how to secure a database in Microsoft Access 97, search the Help index for "security, overview" and display the topic, "Secure a database." Scroll to the bottom of the topic and click the link to "Secure a database with the User-Level Security Wizard."

Three common mistakes you can make when you create a database that enable other Microsoft Access users to circumvent security are as follows:

• You create the database and its objects while you are logged in as the Admin user.
• You do not remove the default Users group permissions that are granted in full for all objects.
• Your distributed application includes the same SYSTEM.MDA file used to create the database. In the SYSTEM.MDA, the Admin account has no password and is a member of the Admins group.

To protect your database from being changed by other Microsoft Access users, follow these steps:

1. Open the Workgroup Administrator (WRKGADM.EXE) file and create a new system database (SYSTEM.MDA in versions 1.0 and 2.0; SYSTEM.MDW for version 7.0 or later) that has a unique Name, Organization, and Workgroup ID.
2. Start Microsoft Access and open any database.
3. On the Security menu, click Change Password. Assign a password to the Admin user account.
4. On the Security menu, click Users. Create a new user account, and then add the account to the Admins group.
5. In the Users box, select the Admin user name. Remove the Admin account from the Admins group.
6. On the File menu, click Exit. Restart Microsoft Access and log in as the new user you created in step 4.
7. Create a new database.
8. On the Security menu, click Permissions. By making the selections in the Object Type box, remove the default Users group permissions for the following objects that appear in the Object Name box:
   

         - <Current Database>
         - <New Tables/Queries>
         - <New Forms>
         - <New Reports>
         - <New Macros>
         - <New Modules>
   						

9. Import all of the objects from your original database into the new database.
10. Create other group and user accounts as necessary.
11. Assign group and user permissions to your objects as appropriate.
12. Close the database, and then use the Encrypt/Decrypt Database command to encrypt the database. (This step is optional.)

Microsoft Access "Building Applications," version 2.0, Chapter 14, "Securing Your Application," pages 313-344