databasedev.co.uk - database solutions and downloads for microsoft access

Microsoft Access Database Security

Group Accounts:

When you install Microsoft Access, you get one user account and two group accounts:

  • The Admin account is the default user account.
  • The Admins account is the system administrator’s group account. The Access Setup program automatically adds the Admin user account to the Admins group.
  • The Users account is a group account that comprises all the user accounts. When you create a user account, it is automatically added to the Users group. Everyone is always a member of the Users group and can't be removed.

You can log on to Microsoft Access with a user account, but not with a group account.

It is easier if you organise your users into groups and assign permissions to each group, rather than to individual users. A user can be a member of more than one group, and inherits all of the permissions of each group. A good design strategy is to add permissions to the groups, and add users to the appropriate group(s).

A Personal Identifier (PID) is a character string that is used in conjunction with the account name to identify a user or group. The PID is specified when you create a new user or group. You should record this case-sensitive code in case you need to recreate the workgroup information file. Note that the PID is not a password. It's another means of identifying who you are to Microsoft Access.

Let's create two group accounts and set a unique PID for each one.

Before completing the following activities, please ensure that you have followed the previous exercise: Setting Logon Procedures

Task A-3: Creating Group Accounts in Microsoft Access

Objective: To create two new group accounts, one for the group who does Order Entry, and the second for the Sales Managers group. This information relates to the sample Microsoft Access database download

  1. Close MyNewApp.mdb without exiting Access. You don't need to have a database open to create accounts.
  2. Choose Tools, Security, User and Group Accounts.
  3. In the User And Group Accounts dialog box, notice the Available Groups list in the Group Membership section. There are two groups available, one named Admins and the other named Users.

    Available Groups in the Group Membership section of the User and Group Accounts
  4. Select the Groups tab. Display the Name drop-down list.
    The same two groups are listed here. You're going to create two new groups to add to this list.
  5. Close the Name drop-down list. Click New to open the New User/Group dialog box, which is what you'll use to create new group accounts, one at a time.
  6. Create the following group:

    Name: Order Entry
    Personal ID: orderpid

    All the characters are case-sensitive.

    New User/Group for Order Entry
  7. Click OK.
  8. Create another group as follows:

    Name: Sales Managers
    Personal ID: salespid

    New User/Group for Sales Managers
  9. Click OK.
  10. Display the Name drop down list. Notice that four groups are now listed, including your two new groups.

    The newly created groups

Now that you've created new group accounts, it's time to create new user accounts.

Go to page:

  1. Steps to Securing an Access Database by Using User-level Security
  2. Setting Logon Procedures
  3. Group Accounts
  4. User Accounts
  5. Changing a Password
  6. The Security Wizard
  7. Permissions
  8. Testing Security
  9. Documenting Database Security
  10. Previewing Permissions
  11. Securing a Database with a Database Password
  12. Distributing the Secured Application

Recommended Reading:

If you are serious about your Microsoft Access security, then you should check out Garry Robinson's book Real World Microsoft Access Database Protection and Security

About the book:

Real World Microsoft 
            Access Database Protection and Security

Microsoft Access is the most popular desktop database in the world today and its very popularity means that its security measures can be easily compromised. Real World Microsoft Access Database Protection and Security takes a different approach than all the other Access books in the market by focusing from the start on all the issues that will help protect your database. It approaches protection and security from a task-by-task perspective and provides details that when put together will make your database more secure.

This book will help you to keep your staff from looking at your salary tables, stop your customers from looking at the design of your software that you distribute, and help you decide which security options are worth doing and which are generally a waste of your time.

Garry writes from a very experienced developer's point of view and he discusses in detail how to program all types of security issues including hiding tables as system tables, producing databases that password cracker software cannot easily crack, backing-up databases, menus, queries, and even user surveillance.