Prevent use of password recovery utilities on Access 2000

  • Thread starter Thread starter apm2524
  • Start date Start date
A

apm2524

I'm developing a client-side application that uses Access
2000 to store personal information. While there are
utilities that allow the user to recover the password, I
was curious if there if there were any methods (e.g., code
samples, utilities, etc.) to prevent this from occuring?

Thank you in advance.

- apm2524
 
The sad thing is, the problem occurs because of a simple, "schoolboy howler"
mistake in how Jet encrypts the passwords. I believe that a >two line fix<
to the Jet source, would completely eliminate the ability of these
utilities, to recover the passwords. But not having access to that source,
I'm not in a position to fix it! I imagine that the fix in question, could
also be done by patching the relevent DLL at runtime; but I do not have the
knowledge to do that.

So the answer to your question is: yes, >if<
- you understood the mistake in question;
- you understood how to fix it (from a crypto viewpoint),
- you could find the code in the relevant DLL, and
- you had the skills to patch that code at runtime.

As the little steam engine said: "Would that I could! Would that I could!"

TC
 
Back
Top