Attached are some partial screen shots of a database application based on Access that our office uses. In case of copyright issues, I have deleted the provider's details and modified the name on the button that allows them access without restriction.
What they have arranged is, along with the usual words "File" through to "Help" for the application to have a word called "User Defaults" next to "Help".
Clicking on User Defaults brings up the screen giving access to passwords. I have ringed two buttons. The upper one called Passwords only allows for the local system administrator (Me!) or anyone I authorised to access them and allocate three letter user names and passwords (second screen shot). With each user that is set up a table is displayed giving areas and tasks the user is authorised to enter / modify / delete / view. There are also some pre-set templates such as accounts which will fill the appropriate boxes. Entry into the program is password protected (third screen shot) and will restrict that user's access to that set by the administrator.
The most useful button is the one I have called "CFF Use". I (or someone I have authorised) access the User Defaults page once logged on. The provider can then use the CFF Use button which brings up a box showing a two-part security code. Once they have entered this, they then have unrestricted access to the whole of the application.
I am aware of the problems of hiding the design side of Alpha5 - it might not be easily recoverable unless prepared beforehand. The above seems a neat way of shielding users from messing with the guts of the design.
My question is that doing something this with security is well beyond my capabilities, but what do other members do (and are there simpler ways) to make their applications secure?
What they have arranged is, along with the usual words "File" through to "Help" for the application to have a word called "User Defaults" next to "Help".
Clicking on User Defaults brings up the screen giving access to passwords. I have ringed two buttons. The upper one called Passwords only allows for the local system administrator (Me!) or anyone I authorised to access them and allocate three letter user names and passwords (second screen shot). With each user that is set up a table is displayed giving areas and tasks the user is authorised to enter / modify / delete / view. There are also some pre-set templates such as accounts which will fill the appropriate boxes. Entry into the program is password protected (third screen shot) and will restrict that user's access to that set by the administrator.
The most useful button is the one I have called "CFF Use". I (or someone I have authorised) access the User Defaults page once logged on. The provider can then use the CFF Use button which brings up a box showing a two-part security code. Once they have entered this, they then have unrestricted access to the whole of the application.
I am aware of the problems of hiding the design side of Alpha5 - it might not be easily recoverable unless prepared beforehand. The above seems a neat way of shielding users from messing with the guts of the design.
My question is that doing something this with security is well beyond my capabilities, but what do other members do (and are there simpler ways) to make their applications secure?
Comment