Protection given in Access
Protection with use the password BD
The Givenned way of the protection allows to install the password on opening BD, for all users. For his(its) creation necessary to open the file BD in "monopoly" mode and choose the point a menu Service / Protection / Assign the password a database. For work with such database in MS Access it will take to enter the password. Here is example of the work with file BD, using DAO or ADO.
Public Sub TestDAO()
Dim mWS As DAO.Workspace
Dim mDB As DAO.Database
Set mWS = DBEngine.Workspaces(0)
Set mDB = mWS.OpenDatabase ("C:\a97.mdb", True, True, ";pwd=123")
End Sub
Public Sub TestADO()
Dim CnDB As New ADODB.Connection
CnDB.Open "Provider=Microsoft.Jet.OLEDB.4.0" & ";Data Source=C:\a97.mdb" & ";Jet OLEDB:Database Password=123"
End SubThis too not the most reliable way of protection database. Exists the sufficient amount free and pay scrap, displaying password. Including available исходники of the code on VB allowing read such password. In other not all so bad.
This is because some developers consider that except english, the other languages does not exist. It is Enough to comprise of password russian letters to provide in stupor of the user, which uses such program. Yes, they like and open the password, but that they give as password, analyse impossible.
We shall Continue the plays with password database. For instance, possible use in password unprintable symbols. In the first place this way targeted on reluctance to determination of the passwords by means of special programs. The Standard way of the installation and use the password BD implies his(its) entering with keyboards in dialogue window. If sewer of the password contains the unprintable symbols, that they will not be correct отображены program openning passwords BD. On the other hand this password it is impossible carry in dialogue window at opening BD in MS Access.
If password contained the symbols to tabulations, Esc or Enter, that standard image You have not been able their carry the password in window of the entering. The Way is founded on that that password BD format Access 2000 and 2002-2003 - a text line in format Unicode (in Access 97 ANSI). Herewith no nor what restrictions on her(its) contents. In specification database and in reference on DAO 3.60 is specified that maximum number symbol in password - 14. But indeed their can be 20. Herewith and itself Access 97 does not allow entering the lines of the password more than 14 symbols. In specification Access 2003 is also said about 14 symbols, but program allows entering all 20. Also possible use unprintable symbol that brings the majority of the programs breaking open passwords in stupor.
For installation of such password it will take to use the special program, using method CompactDatabase libraries ADOX or DAO. But, as it is spoken, against the whole possible find the crowbar. And such protection is opened.
First, possible use the program AccessRecovery, which creates the new file without protection and carries in it tables, requests, the forms, макросы, reports and code of the modules.
Hear or change the password BD possible, without recourse special programs. In Access 97 passwords is got by adding on XOR password with 20 byte sequences. Importances these byte possible to get from any not protected by password mdb file. As from Access 2k, in connection with use Unicode, for keeping 20 symbols of the password отведены 40 bytes. Adding is also used At cryptooperation on XOR, but for reception of the sequences byte corresponding to started password necessary to create the file since date under investigation BD. The Got bytes possible to insert in under investigation file and обнулить password, or pack them with similar byte of the under investigation file and get importance of the password. But all this already requires presence of the certain knowledges and experience, so that there is chances on that curious user bore experiment.
CRYPTOOPERATION/Deshifrovanie bases facility Access
Here is that I have found about coding/unscrambling database Access in book Access 2002. The Development of corporative applications P.LITVINA, K.GETC and M.GUNDELOYA.
As it were well was not protected database Jet, any the least bit quick-witted hacker can with the help of low-level disc editor and gain access to her(its) contents. So serious protection database expects else and their cryptooperation. Certainly, breaking in database deal not the most ordinary, but searcher of the adventures always can inhere. Itself cryptooperation database does not yet guarantee her(its) reliable protection, but all prevent her(its) viewing a facility external to Access and Jet.
Zashifrovati and decover the database can only her(its) owner and members of the group Admins. For cryptooperation Jet uses the algorithm RSA (is named on the first letter surname his(its) inventors: Rivest, Shamir, Adelman) with key on base of the working group identifier. For cryptooperation and дешифрования is intended command Access Tools > Security .> Encrypt / Decrypt Database.
Beside cryptooperations database there is two negative side effects. First, falls her(its) speed on estimation Microsoft, percent on 10-15. Secondly, scrambled database it is impossible compress such program, as PKZip, LHA, Stacker and DriveSpace. More exactly, compress possible, only there is no point in it her(its) size will decrease small .
Here is that to manage else to dig on put Microsoft:
The Cryptooperation database this simplest way of protection. At cryptooperation database her(its) file is compressed and becomes inaccessible for reading by means of official programs or text editor.
The Cryptooperation is usually used under electronic transmission database or conservation her(it) on diskette, cassette or compact disk. Encode-decipher the base can or master of the base, or user with администраторскими privilege and permit to load the base in monopoly mode.
Little потыкал of the key. In encoded base possible to add record, but available - change. The Encoded base possible to compress. The Tables from encoded base possible подлинковывать.
The Password on the base is not encoded. The Body of the base is encoded as from the address 1000h. When viewing the body of the base by miscellaneous вьюерами there really ерунда. The Programs of the type AccessFix can not nothing from the base выдрать. (at least once versions 3.70). They there simply nothing do not find. The Objects are from encoded base possible to import in the other base and they already will not encoded.
The Output, encode cost(stand)s the base, already protected standard facility with the help of MDW.
On that not smog to find the answer:
- possible to encoded base be connected from the other client - VB, Delphi, VC... (sooner whole possible)?
- in the event of ruin as probability of the reconstruction encoded BD?
Protection with the help of terminal access to server
Practically непрошибаемая protection. And клиентская part and the base with table is found on server. Beside client on computer is emulated terminal of the server. As if you for he sit (in the sense of, for server). Possible adjust the terminal access so that when start the required problem (on label), request corresponding to passwords of the access to system, is immediately loaded required base. When closing the base terminal is closed. Protection is prescribed In most base from шифта, are unplugged all standard Access-овские menu and hot keys, is disconnected a window of the base. And nothing user neither to rub, nor copy can not. Neither open stright tables, nor gain access to closed for it forms and report. Else, the terminal access is identified, in my opinion, removed worker by table.
The Defect of this way whole data processing lies on server, but then as client possible to use the weak machines.
There is else two methods: Protection with the help of макроса AutoExec and blocking Shift, protection by password. But about them was already told in предыдущизх article.
When sheduling the article were an used material with site http://www.msvb.narod.ru/doc_access.htm
Author: Dmitriy Sleepy (aka Joss)