Security Principles - Microsoft Access

Taken from the Microsoft Access 2.0 help file.

1. Unless the logon procedure is activated, you are logged in as user Admin.

2. When logging-on to MS-Access, the Username is case-insensitive, but the Password is case-sensitive.

3. When re-creating an account after a system crash, the Username, Password, and Personal ID are case-sensitive.

4. Any database or its objects (tables, queries, forms, reports, macros, or modules) are initially owned by user that created them.

5. A user’s rights to a database/object are the rights granted specifically to that user for that database/object, plus any and all rights for that database/object granted to each of the groups the user is a member of.

6. The owner of an object has administrative rights to it, regardless of the rights specifically granted via the Permissions dialog.

7. Security information for users, user groups, and workgroups is stored in the SYSTEM.MDW file, which stores information as shown in the following table.

Object Type Information Stored in SYSTEM.MDW
Workgroup Name, Organization, and Workgroup ID
User Username, Personal ID, Password, Group Memberships
Group Group Name, Personal ID, Membership List

8. Permissions to databases/objects is stored in each MDB file.

Object Type Applicable Rights
Database Open/Run, Open Exclusive
Table, Query Read Design, Modify Design, Administer
Form, Report, Macro Open/Run, Read Design, Modify Design, Administer
Module Read Design, Modify Design, Administer

9. Permission to a database/object is granted only if the user is recognized by a combination of his Username, his Personal ID, and whether the MDB file show he has access granted to him for the specific database/object.

10. To restore security after a system failure and restoration, you must simply re-join the appropriate MS-Access system database via the Microsoft Access Workgroup Administrator applet, called WRKGADM.EXE and is typically in the Windows System directory.