0
votes

My desktop application use MS access 2003 data base to keep some sensitive information . used access 2003 files(*.mdb) are password protested. Access 2003 data base password are easily crackable by various tools available on internet because of its weak storage method.

Now I am planing to migrate my application database to MS access 2010 which is more secure .I want to know what secuirty methods are used to hiding in access 2010.

Do you know which encryption algorithm/method and hash algorithm for store the password HASH in access 2010 database?

Do you know which encryption algorithm/method is used for encrypting access database?

do you know the techinical writeup/paper link on access 2010 secuirty?

I need to convince a client that access 2010 use strong method to store password and impossible to crack it.

1

1 Answers

0
votes

Access database passwords are not security, they are SECURITY THEATER.

They don't secure your data, they just encrypt it.

But to give users access to the data, you have to give everybody the password, or embed it in your application.

Don't use it -- it gets in the way for no real benefit.

If your database really needs to have its data securely stored, use a database engine with security baked in. There is no file-based database engine that can meet that requirement because of the nature of the beast.