MDE- Prevents Form Deletion, Storing variables in Forms

  • Thread starter Thread starter Lowell
  • Start date Start date
L

Lowell

I'm a little new to Access VBS programming and have a couple of questions.

To prevent clients from using my apps without paying for them, I am
incorporating a password procedure that kicks in via an Autoexec macro. I
want the client to be able to test the ap and then pay me if they are
satisfied. After a certain date, the routine will open a hidden form and ask
for the database password. I am storing the database password in a hidden,
disabled text box on the form. If the client enters the correct password, I
would like to delete the form so it does not have to be opened and examined
each time the user opens the database. I have "On Error Resume Next" code in
the Autoexec that will recover if the form fails to open. I plan to issue the
database in an MDE format.

Question 1: Is using the hidden form/hidden text box a practical and secure
way to encode the database password?

Question 2: It appears converting to MDE will prevent the user from deleting
the hidden form and probably from discovering it's there. Correct? If so,
will I be able to delete the form via VBA code in the MDE project?

Question 3: Is there a better way to secure my app?

Thanks,
Lowell
 
I created an MDE file and tried to delete the hidden form via VBA. I could
not delete the form when running the MDE database, so I guess that answers
the second question I posted.
Lowell
 
I'm a little new to Access VBS programming and have a couple of questions.

To prevent clients from using my apps without paying for them, I am
incorporating a password procedure that kicks in via an Autoexec macro. I
want the client to be able to test the ap and then pay me if they are
satisfied. After a certain date, the routine will open a hidden form and ask
for the database password. I am storing the database password in a hidden,
disabled text box on the form. If the client enters the correct password, I
would like to delete the form so it does not have to be opened and examined
each time the user opens the database. I have "On Error Resume Next" code in
the Autoexec that will recover if the form fails to open. I plan to issue the
database in an MDE format.

Question 1: Is using the hidden form/hidden text box a practical and secure
way to encode the database password?
Click to expand...

Not if your users have (or have access) to some midlevel Access expertise. You
can block the user from bypassing the autoexec macro by holding down the SHIFT
key, but even that protection can be evaded. In addition, a determined user
can use File... Get External Data... Import to import your startup form into a
blank database and examine it to their heart's content.
Question 2: It appears converting to MDE will prevent the user from deleting
the hidden form and probably from discovering it's there. Correct? If so,
will I be able to delete the form via VBA code in the MDE project?
Click to expand...

No. MDE files don't support changes to form design.
Question 3: Is there a better way to secure my app?
Click to expand...

Yes, but they're not all that easy. One that I've used is Keyed Access from
http://www.peterssoftware.com/ka.htm; there are other commercial solutions.
For some other options check at
http://www.granite.ab.ca/access/demo.htm


John W. Vinson [MVP]
 
Lowell said:
I created an MDE file and tried to delete the hidden form via VBA. I could
not delete the form when running the MDE database, so I guess that answers
the second question I posted.
Lowell
Click to expand...

John,

My user is not that knowledgeable so I may be safe, unless they hire someone
with more expertise.

I tried importing from the MDE file into a blank database. Tables and
Queries are all that are selectable for import. Forms/Reports/Macros/etc. are
grayed out and cannot be selected. Since my VBA code is not included in the
MDE, I thought I would be safe from that particular workaround and safe even
if someone figures out how to get past the disabling of the SHIFT key startup
bypass.

I am developing in Access 2002. My client will use 2003, so I will have to
test on my wife's PC where Access 2003 is available. Has something changed in
Access 2003 to allow form import from an MDE?

I will check those sites you recommended.
Thanks,
Lowell
 
John W. Vinson said:
Not if your users have (or have access) to some midlevel Access expertise. You
can block the user from bypassing the autoexec macro by holding down the SHIFT
key, but even that protection can be evaded. In addition, a determined user
can use File... Get External Data... Import to import your startup form into a
blank database and examine it to their heart's content.


No. MDE files don't support changes to form design.


Yes, but they're not all that easy. One that I've used is Keyed Access from
http://www.peterssoftware.com/ka.htm; there are other commercial solutions.
For some other options check at
http://www.granite.ab.ca/access/demo.htm


John W. Vinson [MVP]
John, Please see my third posting. I must not have clicked your reply when I replied.
Click to expand...

Lowell
 
Back
Top