-----Original Message-----
Ok, I'll stop arguing, & answer your original question!
I think it is basically, "Can some users of a database see >all< of the
records &/or fields, while other users only see >some< of the records &/or
fields?".
If so, a simple method would be this. Use Tools :Security to create some new
users (say Tom, Dick, Harry). Set a password for each of those users. Also
set a password for the Admin user. Then, when anyone starts your database,
they will have to enter a valid username/password combination.
Then, in the form that views the security table, put something like this in
the Form_Open event:
select case currentuser()
case "Tom", "Harry"
me![txtPassword].format = "password"
end select
This is assuming that the form has a textbox named txtPassword, which is
bound to the password field in the security table. By this means, only Tom &
Harry would be able to view or edit the passwords.
However, that is a *very crude method*, easily broken by someone who
bothered to create a new database & link to the tables in your database.
Those people could see everything, since they are viewing the data directly,
and not through the form above. You could fix this by implementing Access
user-level security properly, but, user-level security is a complex beast,
requiring >at least< several weeks of careful study, to get a very basic
understanding.
Perhaps locate, download & study the "Access security FAQ". I don't have the
link handy, but a few minutes googling should find it easily.
Hope this helps,
TC
Yes but if I were to create this EMERGANCY account it
would not let the person into the VIP profile it would
allow me into another profile... and would not allow
access to the profile... Hence knowing the passwords...
So could what I am asking be achieved?
Thanks
James
-----Original Message-----
If IT sometimes needs to assume the priviliges of an important person VIP,
you do not do this by telling IT, VIP's password! That
is
an unacceptable
breach of normal security practices.
You do it instead, by having another account, say EMERGENCY, with the same
priviliges as VIP, but with a password that is only
known
to IT - not to
VIP.
Then, anything logged against the VIP login, is known
to
have been done by
the important person - not by IT. And conversely, anything that is logged
against the EMERGENCY login, is known to have been done by IT - not by the
important person.
I'm amazed that any IT department would agree to do it the way your
describe!
Cheers,
TC
I know what your saying but I have been requested to put a
database together so that if an important person is off
then we as the IT section can log into there machines and
get the information which is being requested. This is a
common thing when people are off they need something
urgently from the persons machine and with security in
place on the OS this poses a problem with profiles... So
hence we have a database with all the user's password in.
So if any member of the IT dept logs into this database
they can use the Users passwords but not another IT
section one as they wont be able to see it thus my
question??
Does this help any?
Many Thanks
James
-----Original Message-----
It is very poor practice to show *anyone*, someone else's
password. This
lets the first person impersonate the second one,
*without the second person
knowing*.
Even if person 'A' has the authority to change
person 'B's password, he
should *not* be able to *view* person B's existing
password. Then, if person
A does change person B's password, he (person A) can
certainly log on as
person B, but person B will know that something is
hapenning, because his
(person B'ds) old password will stop working, for no
apparent reason
You definitely need to review your understanding of
common-practice security
methods!
TC
message
Hello I have a database and I have applied my own
security
