Question:
How can I encrypt one column in MS Access 2003?
Jec
2010-12-15 23:31:22 UTC
I have the following table:

USER_TABEL
user_id | password | name
---------------------------------------------
user1 | pwd12 | john doe
user2 | myPas | juan tmad

I want the password column to be hex so that no one can see the user's passwords (i.e. even the database administrator/programmers). For example, I want the table above to be like this when someone open the MS Access .mdb file:

USER_TABEL
user_id | password | name
---------------------------------------------
user1 | ###### | john doe
user2 | ###### | juan tmad

Noticed the password column...
Four answers:
Capt Crasher
2010-12-17 08:06:17 UTC
In the DESIGN view of the TABLE, highlight the field (select it) then look down at the PROPERTIES Tab. Click the "..." on the right of the "INPUT MASK" Property and set it to "Password.". You could tweak it to show "hash marks" (#) instead of Asteriks (*), but Hashes are used by Access to indicate invalid/corrupt data, so I'd just stick with the default "****".



This isn't true "encryption", since MS Access can only encrypt the entire DB (not specific parts of it) and once "in" the DB You'd be able to view the table anyway, but combining this with "user level security" will keep anyone without proper permissions from viewing the data in any other "format".
?
2010-12-16 00:23:32 UTC
You can't. What you can do is stop using access and use SQL (MySQL, MsSQL, SQLite, etc) to create your database. From within SQL you can then encrypt the data when the data is input and output.



Example for MS SQL: http://msdn.microsoft.com/en-us/library/ms179331.aspx



For MySql you'd simply do this:

insert into USER_TABEL (user_id, password, name) values (user1, aes_encrpyt(pwd12, key), john doe);



Where pwd12 is the password and key is a strong password. To get the data back you simply do a



Read:

select aes_decrypt(password, key) from USER_TABEL where user_id='user1';



Here you're getting the data and decrypting it via the same key



-----



In reply to Capt Crasher, you are correct that is not security and the method you describe is security through obscurity, which isn't security either. It's like changing the port for SSH access and not disallowing plain text passwords. It's not secure at all.Users can escalate privileges given enough time with this type of "security". Encrypt your actual input via AES and they'll be hammering away at that for a much longer period of time.
goettle
2016-12-18 23:16:34 UTC
A database can run on purely approximately any pc. Oracle has a uncomplicated-weight shopper talked approximately as Oracle tutor version it extremely is sturdy at the start. MySQL is yet yet another undemanding database. as right away as you have honestly one in all those databases put in the ideas open up. OracleXE has its very own format procedures. I surprisingly use the command on the spot for the MySQL occasion. SQuirreL is a competent piece of application to controlled databases. i'm needless to say approximately open source and unfastened application. yet as quickly as you're in seek for of for an excellent extra effective gadget. procuring dedicated servers on your database and working a heavy weight Oracle gadget is in lots of cases an decision.
?
2016-09-14 22:04:03 UTC
I was here on YA for something unrelated, but this topic was displayed on the sidebar...


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...