Board index » delphi » Login ID's and Passwords Stored in a Paradox 7 table

Login ID's and Passwords Stored in a Paradox 7 table

Hi Anyone,
    I have a paradox table in which user ID's and passwords are stored.  Is
there a way to secure the table so that it can't be view by Paradox or a
third party tool?

Tks,
Don
--
Donald King
FocusTech Solutions
Email: donaldk...@fuse.net
Ph.     513.382.4651

 

Re:Login ID's and Passwords Stored in a Paradox 7 table


better to crypt with some method your data before saving into Paradox.
problem that even if you'll add a passowrd for your Paradox table, anyway
somebody can read it (exist a few master passwords which allow to open any
protected db-table).

--
With best regards, Mike Shkolnik
EMail: mshkol...@scalabium.com
http://www.scalabium.com

"Donald King" <donaldk...@fuse.net> ???Y/???Y ????? ???Y??:
news:3da2e0d0$1@newsgroups.borland.com...

Quote
> Hi Anyone,
>     I have a paradox table in which user ID's and passwords are stored.
Is
> there a way to secure the table so that it can't be view by Paradox or a
> third party tool?

> Tks,
> Don
> --
> Donald King
> FocusTech Solutions
> Email: donaldk...@fuse.net
> Ph.     513.382.4651

Re:Login ID's and Passwords Stored in a Paradox 7 table


You can add a master password to the Paradox table but that will on
stop casual snoopers. There are tools that will break Paradox's
encryption.

On Tue, 8 Oct 2002 09:44:39 -0400, "Donald King" <donaldk...@fuse.net>
wrote:

Quote
>Hi Anyone,
>    I have a paradox table in which user ID's and passwords are stored.  Is
>there a way to secure the table so that it can't be view by Paradox or a
>third party tool?

>Tks,
>Don

--
Bill (TeamB)
(TeamB cannot respond to questions received via email)

Re:Login ID's and Passwords Stored in a Paradox 7 table


Bill or Mike,
    So, I guess the answer is to leave this upto the network administrator
to set the access accordingly but in order for a user to change his/her
password, then the Paradox USERS.db file will have to be set to read/write
access.  What I am trying to protect against is certain users are assigned a
usertype of 'Accounting' or 'Administrator'.  If a user logs into the system
and their user type is 'Accounting' or 'Administrator', then I enable the
Accounting menu item on the main form's menu and if their usertype is not
'Accounting' or 'Administrator', then I disable the Accounting menu item.
My users in the accounting dept. do not want other users to gain access to
the accounting submenu items and view each others payroll info.
    Maybe I have implemented this wrong, what would be a better way?  Any
ideas?

Don
----

Quote
"Bill Todd" <b...@notthis.dbginc.com> wrote in message

news:6506qu8261nc24pkkqf4723jv7vqvqmst5@4ax.com...
Quote
> You can add a master password to the Paradox table but that will on
> stop casual snoopers. There are tools that will break Paradox's
> encryption.

> On Tue, 8 Oct 2002 09:44:39 -0400, "Donald King" <donaldk...@fuse.net>
> wrote:

> >Hi Anyone,
> >    I have a paradox table in which user ID's and passwords are stored.
Is
> >there a way to secure the table so that it can't be view by Paradox or a
> >third party tool?

> >Tks,
> >Don

> --
> Bill (TeamB)
> (TeamB cannot respond to questions received via email)

Re:Login ID's and Passwords Stored in a Paradox 7 table


Bill,
    Ok, thanks.  I'll settle for the master PW for now.  I have talked to
several of my installed sites and for now, no users at these sites have the
expertise you have been talking about and none of any of my installed sites
even use Paradox.

Tks,
Don

Quote
"Bill Todd" <b...@notthis.dbginc.com> wrote in message

news:1i46quo1e2gm8b7spck36udi8b3guvvevf@4ax.com...
Quote
> You have not done anything that is wrong. As I said, it depends on the
> skill level of the person you are trying to protect against. Applying
> a master password to the table using DBD will keep casual snoopers
> out. If you are trying to stop someone who is skilled enought to
> search the Internet for tools to break Paradox passwords and use them
> then you need to encrypt the strings before you store them in the
> table.

> On Tue, 8 Oct 2002 12:35:40 -0400, "Donald King" <donaldk...@fuse.net>
> wrote:

> >Bill or Mike,
> >    So, I guess the answer is to leave this upto the network
administrator
> >to set the access accordingly but in order for a user to change his/her
> >password, then the Paradox USERS.db file will have to be set to
read/write
> >access.  What I am trying to protect against is certain users are
assigned a
> >usertype of 'Accounting' or 'Administrator'.  If a user logs into the
system
> >and their user type is 'Accounting' or 'Administrator', then I enable the
> >Accounting menu item on the main form's menu and if their usertype is not
> >'Accounting' or 'Administrator', then I disable the Accounting menu item.
> >My users in the accounting dept. do not want other users to gain access
to
> >the accounting submenu items and view each others payroll info.
> >    Maybe I have implemented this wrong, what would be a better way?  Any
> >ideas?

> >Don
> >----
> >"Bill Todd" <b...@notthis.dbginc.com> wrote in message
> >news:6506qu8261nc24pkkqf4723jv7vqvqmst5@4ax.com...
> >> You can add a master password to the Paradox table but that will on
> >> stop casual snoopers. There are tools that will break Paradox's
> >> encryption.

> >> On Tue, 8 Oct 2002 09:44:39 -0400, "Donald King" <donaldk...@fuse.net>
> >> wrote:

> >> >Hi Anyone,
> >> >    I have a paradox table in which user ID's and passwords are
stored.
> >Is
> >> >there a way to secure the table so that it can't be view by Paradox or
a
> >> >third party tool?

> >> >Tks,
> >> >Don

> >> --
> >> Bill (TeamB)
> >> (TeamB cannot respond to questions received via email)

> --
> Bill (TeamB)
> (TeamB cannot respond to questions received via email)

Other Threads