Share this Page URL

Chapter 19. Implementing Security > Managing a Workgroup Information File - Pg. 648

Implementing Security 648 Implementing User-Level Security When you're designing a database, you might not know at the beginning how many and what type of users will need to access the data. Yet this information is critical when you're attempting to make security decisions. If, for example, the computer on which your data resides is not connected to a network of any sort and is never connected to the Internet, and if there is no chance that any other person will ever have access to your computer, the level of security you need for your database is relatively low (unless you have some malevolent desire to sabotage your own data!). However, as the need increases for more users to gain access to your data, the need for security rises with it. Access manages groups and users in a Workgroup Information File (WIF). Access creates a WIF the first time you launch it; the WIF is used in conjunction with the permissions management in the database. User and Group Management in Access When you first create an Access database, Access creates a default user (Admin) and two default groups (the Admins group and the Users group). Because of this, every database by default uses these accounts to supply security measures, but the default level of security is very low. The Admin user has full permissions to access all the objects in the database. For our purposes, full permis- sions simply means that there are no restrictions to what the Admin user can do in the database. Also, the Admin user is a member of both the Admins group and the Users group. In addition, Access creates the Admin user with no password. This means that when a user opens the database as Admin, the user is not prompted for a user name and does not need to enter a password to access the database. Until these settings are modified, any users that open the .mdb file will open the database as Admin and have full access to all the databases objects and data.