Securing Access and SQL Server

Wherein Anders Ebro demonstrates how easy it is to circumvent application-level security in an Access program.

Securing Access and SQL Server

In my article yesterday, I wrote about application level "security."  I use scare quotes because hiding and locking form controls does not provide any actual data security.  It does improve the user experience by helping guide your users, but you should not mistake it for actual security.

And, in case you might be tempted to disagree with me on this point, let me allow Access MVP Anders Ebro to disavow you of that notion.  Pay particular attention to the 7:32 mark in the video where Anders demonstrates a simpler-than-you-might-think application for hacking into a "secure" Access application where all the security is confined to the front-end file.

Image by Kerstin Riemer from Pixabay

All original code samples by Mike Wolfe are licensed under CC BY 4.0