Web Wiz - Green Windows Web Hosting - Celebrating 25 Years!
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - Connect a Access database with user id & password?
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Connect a Access database with user id & password?
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
donzi View Drop Down
Newbie
Newbie


Joined: 22 April 2006
Location: United States
Status: Offline
Points: 5 		Post Options Post Options   Thanks (0) Thanks(0)   Quote donzi Quote  Post ReplyReply Direct Link To This Post Topic: Connect a Access database with user id & password?
    Posted: 22 April 2006 at 12:42am
Good Day,
 
I'm trying to upgrade to ver 8 of the webwiz forums.
I'm having problems getting a connection established to a existing MS Access database.
 
I have been reading through the forums and have not found any topics in regards to connecting with a system DSN connection or a DSN-Less where
the MS Access database is protected by a user id and password.


I have added a user id and password to the database that came with the upgrade so that I could test the connection before I upgrade my existing database.
 
How would I edit the database_connection.asp file to enclude the database user id and password to allow the server to log in to the
MS Access database for either a DSN or DSN-Less connection?


Any Help would be appreciated.
Don Anderson
www.theicepit.org
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2006 at 9:17am
You need to use the faster DSN-less connection to connect to Web Wiz Forums Access database.

I'm not sure why you added a database username and password to the Access database?

If you did this for more security on the Access database then this is a complete waste of time as it is really simple to recover the username and password to an Access database. The only thing it achieves by adding a username and password to an Access database is a right headache in setting it up.

For security you should move the database to a secure folder, the following kb article describes how to do this:-

http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
donzi View Drop Down
Newbie
Newbie


Joined: 22 April 2006
Location: United States
Status: Offline
Points: 5 		Post Options Post Options   Thanks (0) Thanks(0)   Quote donzi Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2006 at 4:01pm

boRg,

I previously merged my exisiting database with your database under my databases name in a remote folder. This allowed me to query both sets
of data and edit/add to both at the same time alittle easier.
 
with the old connection routines it was easier to access a ms access database that had a user id and password.  My old log in routines have
had the adjusted so that it is harder to follow.
 
Would you have a MS SQL or MYSQL data base with out a user id and password? Why would I not try the same with a Access database if it
Will allow me to. I agree it is easy for any good programmer to break into
but why make it so easy for them to just walk in :-)
Some ISP's I have found at times allow there system to be browsed and
you can't find this out until you are a customer of their's.

My Question:
With the new connection method how would I pass the user id and password to the database?
 
I have tried to alter the database_connection.asp code with no success.
Back to Top
donzi View Drop Down
Newbie
Newbie


Joined: 22 April 2006
Location: United States
Status: Offline
Points: 5 		Post Options Post Options   Thanks (0) Thanks(0)   Quote donzi Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2006 at 4:04pm
boRg,
 
I hope over the next year or two to move over to MS SQL but I have to rewrite all of my code and databases as they are not to my liking as of
today and I know there are some things I can do better.
Back to Top
dpyers View Drop Down
Senior Member
Senior Member


Joined: 12 May 2003
Status: Offline
Points: 3937 		Post Options Post Options   Thanks (0) Thanks(0)   Quote dpyers Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2006 at 5:31pm
Adding this to the connection string should send the credentials
Uid=xxx;Pwd=yyy;

But as borg noted, if you're not in a secured directory outside of your webroot, I can download the db and open it up in a text editor to kill the  login/password in the db or change it to something I like. Access login/passwords are only effective if you open the db through an Access/Jet driver, not if you open it through anything else.

Lead me not into temptation... I know the short cut, follow me.
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 24 April 2006 at 9:13am
Originally posted by donzi donzi wrote:

boRg,

Would you have a MS SQL or MYSQL data base with out a user id and password? Why would I not try the same with a Access database if it
Will allow me to. I agree it is easy for any good programmer to break into
but why make it so easy for them to just walk in :-)
Some ISP's I have found at times allow there system to be browsed and
you can't find this out until you are a customer of their's.


The reason SQL Server and mySQL have usernames and passwords is that you can connect to them remotely so need usernames and passwords to connect and also have allot of security built in so that a hacker can not get the username and password.

Access on the other hand is a complete waste of time with passwords, if the passwords where encrypted I would certainly recommend using them, but they are not.

There are 1000's of tools available that will give you the password to enter the Access database (just do a quick search on Google for 'Access Password Recovery'). I use one myself when I have to edit sites with password protected Access database's. It's often faster to crack the database password then it is to ask the person next to you what the password is.

Access is notorious for having very weak password protection, and anyone who knows this (which is most developers and ALL hackers) will simply just open the database as if it had no password at all.


Edited by -boRg- - 24 April 2006 at 9:14am
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.