databasedev.co.uk - database solutions and downloads for microsoft access

Microsoft Access Database Security

Steps to Securing an Access Database by Using User-level Security:

A workgroup information file is a file about the users in a workgroup. Microsoft Access reads this file at startup. It contains information about account names, passwords, group membership and preferences. Preference information is specified in the Options dialog box.

A workgroup information file is initially created by the setup program when Microsoft Access is installed. The file is identified by the name and organisation information that is supplied during the setup process of Microsoft Access.

A Workgroup ID (WID) is created when a new workgroup information file is created. A WID can have between four and twenty characters and is case-sensitive. The WID guarantees that the workgroup file can't be recreated by another user by simply guessing the name and company. It also makes the Admins group unique to this workgroup file.


Access Workgroup Password Recovery v1.0a

Recover lost passwords for MS Access user/group permissions security files

Access Workgroup Password Recovery is a program to recover lost or forgotten passwords for MS Access workgroup files. All passwords are recovered instantly regardless of length. Multilingual passwords are supported.


Note: The following information details how to create and implement User-Level Security using Microsoft Access 2000. These steps have been thoroughly tested and have been found to work correctly. Please ensure that you follow the steps and instructions completely to recreate this process. The author takes no responsibility for any problems that arise due to these instructions not being adhered to. Always remember to BACK-UP any files (database and workgroup) prior to testing these procedures.

Task A-1: Creating a new workgroup information file

Objective: To create a new System.mdw with a new name

  1. Exit Access
  2. Using the Windows Explorer, open the folder C:\Program Files\Microsoft Office\Office. This folder is where the System.mdw is located with a fresh installation of Microsoft Office 2000
  3. Copy the file SYSTEM.MDW to the root of your computer’s hard drive (don't move the file) to make a backup copy of the file.
  4. In the Microsoft Office folder, double-click on MS Access Workgroup Administrator.
    Shortcut to MS Access Workgroup Administrator
    This is a shortcut to the Wrkgadm.exe program that, when executed, runs the Workgroup Administrator.
  5. In the first dialog box is the name, company and workgroup to which you are joined.
    Workgroup Administrator Dialog Box
  6. Click Create to open the Workgroup Owner Information dialog box, which you can use to create a new workgroup information file.
    Workgroup Owner Information Dialog Box
  7. In the Name text box, type in your name.
  8. In the Organisation text box, type in your organisation name.
  9. In the Workgroup ID text box, type in mywid.
    Workgroup ID dialog
  10. Click OK to accept this information and open the Workgroup Information File dialog box.
  11. Using the default path, change the database filename to MySystem.mdw.
    Workgroup Filename and filepath
  12. Click OK to accept the default path and new name for the new workgroup information file, C:\Program Files\Microsoft Office\Office\MySystem.mdw
  13. In the Confirm Workgroup Information dialog box, verify that the information you typed is correct.
    Confirm Workgroup Information dialog box.
  14. Click OK. You must confirm your entries for the new workgroup information file.
  15. In the message box indicating that you have successfully created the workgroup information file, click OK.
    Message confirming successfull creation of Workgroup Information file.
  16. Look at the changes in the Workgroup Administrator dialog box. There's the information that you entered for the new workgroup information file. This workgroup information file is used the next time that you start up Microsoft Access, so there is no need to join the workgroup now.
    Workgroup Administrator showing newly created Workgroup Information.
  17. Click Exit to close the Workgroup Administrator and display the contents of the Office folder in the Windows Explorer. Notice that the new file, MySystem.mdw, isn't displayed. You may need to refresh the view to see it.
  18. Choose View, Refresh. Scroll to see MySystem.mdw and System.mdw. Both workgroup information files are saved in the same folder.
  19. Before you close Windows Explorer, make a shortcut to the MSAccess.exe on the desktop. You'll be exiting and starting Microsoft Access several times during this tutorial and a desktop shortcut makes restarting Microsoft Access more convenient.
  20. Close Windows Explorer.

Go to page:

  1. Steps to Securing an Access Database by Using User-level Security
  2. Setting Logon Procedures
  3. Group Accounts
  4. User Accounts
  5. Changing a Password
  6. The Security Wizard
  7. Permissions
  8. Testing Security
  9. Documenting Database Security
  10. Previewing Permissions
  11. Securing a Database with a Database Password
  12. Distributing the Secured Application

Recommended Reading:

If you are serious about your Microsoft Access security, then you should check out Garry Robinson's book Real World Microsoft Access Database Protection and Security

About the book:

Real World Microsoft 
            Access Database Protection and Security

Microsoft Access is the most popular desktop database in the world today and its very popularity means that its security measures can be easily compromised. Real World Microsoft Access Database Protection and Security takes a different approach than all the other Access books in the market by focusing from the start on all the issues that will help protect your database. It approaches protection and security from a task-by-task perspective and provides details that when put together will make your database more secure.

This book will help you to keep your staff from looking at your salary tables, stop your customers from looking at the design of your software that you distribute, and help you decide which security options are worth doing and which are generally a waste of your time.

Garry writes from a very experienced developer's point of view and he discusses in detail how to program all types of security issues including hiding tables as system tables, producing databases that password cracker software cannot easily crack, backing-up databases, menus, queries, and even user surveillance.