This security method is the least secure because it is relatively simple to show any hidden objects.
Note that because tables, views, database diagrams, and stored procedures reside in the SQL Server database, you cannot hide these objects in the database window.
You use the startup options to specify or determine settings such as which form opens automatically when your Access project file opens and your Access project application's title and icon. In a new Access project file, the startup properties do not exist until a user makes a change to the default settings in the Startup dialog box.
To help protect a data access page and the data it accesses, do the following:
- Help protect the Access project file containing the data access page's link, and the data access page's corresponding HTML file by using the file system security of the computer where you have stored these files.
- Help protect the database connected to the data access page by helping protect the database against unauthorized users, controlling the level of access to the data once a user logs in, and not saving the database password with the data access page.
- Help prevent unauthorized access from a malicious script by using Internet Explorer security options and using three-tier data access.
Securing Visual Basic for Applications (VBA) code
You can help protect Visual Basic for Applications (VBA) code in modules and modules behind forms and reports with a password which you enter once per session. The password helps prevent unauthorized users from editing, cutting, pasting, copying, exporting, and deleting VBA code.
To help protect your code, you can remove editable VBA code from your Access project file and help prevent modifications to the code behind your forms and reports by saving it as an ADE file.
Securing a Microsoft SQL Server database
SQL Server database objects employing security technology
You can help protect data and other database objects that are stored in an SQL Server database (tables, views, stored procedures, and database diagrams) by doing the following:
- Encrypt views, stored procedures and triggers. You can encrypt views to help prevent a user from changing the view. You can also encrypt stored procedures and triggers when you edit them by using Transact-SQL Statements (for example,
CREATE PROCEDURE...WITH ENCRYPTION
).Important Once you encrypt a view, you can't change the design of that view. If you anticipate the need to revise an encrypted view, save the SQL statements in a text file in a secure location before you encrypt it. You can then delete the encrypted view, change the saved view, and re-encrypt it.
- Implement full security features using the SQL Server Enterprise Manager. See the SQL Server documentation.
Help control logging on to SQL Server
From a Microsoft Access project, you can administer basic security tasks by using the Database Security command to add, edit, or delete server logins, database users, and database roles. You must have SQL Server installed on the same computer as the Access project for these commands to work.
SQL Server provides two security methods to help validate logins to the SQL Server database:
- SQL Server security, which uses SQL Server user names and passwords.
- Windows integrated security, which uses Windows account user names. In this case, Windows authenticates a user when they log on, and SQL Server accepts Windows accounts without requiring a log on using other security measures.