Connect a Access database with user id & password?
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=19488
Printed Date: 12 April 2026 at 3:46am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: Connect a Access database with user id & password?
Posted By: donzi
Subject: Connect a Access database with user id & password?
Date Posted: 22 April 2006 at 12:42am
|
Good Day,
I'm trying to upgrade to ver 8 of the webwiz forums.
I'm having problems getting a connection established to a existing MS Access database. I have been reading through the forums and have not found any topics in regards to connecting with a system DSN connection or a DSN-Less where
the MS Access database is protected by a user id and password. I have added a user id and password to the database that came with the upgrade so that I could test the connection before I upgrade my existing database. How would I edit the database_connection.asp file to enclude the database user id and password to allow the server to log in to the
MS Access database for either a DSN or DSN-Less connection? Any Help would be appreciated. Don Anderson http://www.theicepit.org - www.theicepit.org ------------- No time like the present! |
Replies:
Posted By: WebWiz-Bruce
Date Posted: 23 April 2006 at 9:17am
|
You need to use the faster DSN-less connection to connect to Web Wiz Forums Access database. I'm not sure why you added a database username and password to the Access database? If you did this for more security on the Access database then this is a complete waste of time as it is really simple to recover the username and password to an Access database. The only thing it achieves by adding a username and password to an Access database is a right headache in setting it up. For security you should move the database to a secure folder, the following kb article describes how to do this:- http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp - http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: donzi
Date Posted: 23 April 2006 at 4:01pm
|
boRg, I previously merged my exisiting database with your database under my databases name in a remote folder. This allowed me to query both sets
of data and edit/add to both at the same time alittle easier. with the old connection routines it was easier to access a ms access database that had a user id and password. My old log in routines have
had the adjusted so that it is harder to follow.
Would you have a MS SQL or MYSQL data base with out a user id and password? Why would I not try the same with a Access database if it
Will allow me to. I agree it is easy for any good programmer to break into but why make it so easy for them to just walk in :-) Some ISP's I have found at times allow there system to be browsed and you can't find this out until you are a customer of their's. My Question: With the new connection method how would I pass the user id and password to the database? I have tried to alter the database_connection.asp code with no success.
------------- No time like the present! |
Posted By: donzi
Date Posted: 23 April 2006 at 4:04pm
|
boRg,
I hope over the next year or two to move over to MS SQL but I have to rewrite all of my code and databases as they are not to my liking as of today and I know there are some things I can do better. ------------- No time like the present! |
Posted By: dpyers
Date Posted: 23 April 2006 at 5:31pm
|
Adding this to the connection string should send the credentials Uid=xxx;Pwd=yyy; But as borg noted, if you're not in a secured directory outside of your webroot, I can download the db and open it up in a text editor to kill the login/password in the db or change it to something I like. Access login/passwords are only effective if you open the db through an Access/Jet driver, not if you open it through anything else. ------------- 
Lead me not into temptation... I know the short cut, follow me. |
Posted By: WebWiz-Bruce
Date Posted: 24 April 2006 at 9:13am
The reason SQL Server and mySQL have usernames and passwords is that you can connect to them remotely so need usernames and passwords to connect and also have allot of security built in so that a hacker can not get the username and password. Access on the other hand is a complete waste of time with passwords, if the passwords where encrypted I would certainly recommend using them, but they are not. There are 1000's of tools available that will give you the password to enter the Access database (just do a quick search on Google for 'Access Password Recovery'). I use one myself when I have to edit sites with password protected Access database's. It's often faster to crack the database password then it is to ask the person next to you what the password is. Access is notorious for having very weak password protection, and anyone who knows this (which is most developers and ALL hackers) will simply just open the database as if it had no password at all. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
donzi wrote: