Securing Your Database with Access

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

It's important to realize that Microsoft Jet security is always enabled — every time a user performs any action, Microsoft Jet first checks to make sure the user has sufficient permissions to perform that action. However, most Microsoft Jet users never realize that they are logging on and never see a security-related message. How does this happen? This is because the Users group (the default group that contains the default Admin user account) has full permissions for all objects in a database.

This arrangement works well because there are no "back doors" that allow a user to open a Microsoft Jet database without security being in effect. Solutions that don't need the engine's security services still use it, even though it's not apparent.

To establish security successfully, you need to do some advance planning. Make a list of all types of potential users of your solutions, logical groupings of those users, and the operations that each group should be able to perform. Then map this information to the Microsoft Jet security model of users, groups, and object permissions.

Securing your database is a multiple-step process that replaces the default users and groups with your own secure set of users and groups. In Access 2000, the User-Level Security Wizard has been significantly updated to step you through the entire process of securing your Access database. This section outlines each of these steps.