Enforcing user's to choose password

  • Thread starter Thread starter Karen
  • Start date Start date
K

Karen

Hi - what is the best way to ensure a user sets up a
password in an Access db?

If the user chooses not to set up a password, they can
still get into the Access db. I'm assuming most users
will be vigilant about managing their passwords, but want
to plan for the occasional user who will either forget or
will deliberately not set a password so they don't have
to remember it. If this happens, anyone with access to
their desktop can click the shortcut and get into our db
which is stored on a shared server.

Thanks,
Karen
 
Karen said:
Hi - what is the best way to ensure a user sets up a
password in an Access db?

If the user chooses not to set up a password, they can
still get into the Access db. I'm assuming most users
will be vigilant about managing their passwords, but want
to plan for the occasional user who will either forget or
will deliberately not set a password so they don't have
to remember it. If this happens, anyone with access to
their desktop can click the shortcut and get into our db
which is stored on a shared server.
Click to expand...


Do you mean the *database* password (which just asks for a password), or the
*user-level security* password (which asks for a username *and* a password)?

- If the former, know this: The database password is easily cracked using
code that is freely available all over the web. (At least for access 97 &
earlier. Later versions need different code, but the principle is much the
same.)

- If the latter, I suspect you need to read the Access "Security FAQ". Links
to that document are posted regularly in this newsgroup.

HTH,
TC
 
The only thing I can suggest is to blank out all the existing passwords
and see who does not complain or go to each user and check.
 
Karen,
Unfortunately, with the Access security model, as long as you allow the
users to have access to the change password screen, there really isn't any
way to force users to create a password. If you, as administrator, want to
manage their passwords for them, you can block access to the change password
screen and require them to send you a new password when they want to change
it. That way you can always set them up with a password.
 
If you get no error, then their password is
blank - throw up a message advising the user of the evils of having no
password.
Click to expand...

Or threaten the removal of body parts if they don't have a password.... <g>
 
Lynn Trapp said:
Or threaten the removal of body parts if they don't have a password....
Click to expand...
<g>


Ya know, I originally typed 'throw up a nasty message', but thought better
of it.
 
Count the # of successful logons, then delete the user from the workgroup
file!
(assuming that is possible at that point in time - I've never tried)

"You have THREE blank-password logons to go ..."
"You have TWO blank-password logons to go ..."
!

TC
 
Back
Top