Microsoft Access User-Level Security Tutorial

01
of 09

Getting Started

Microsoft Access offers relatively powerful security functionality. In this article, we’ll take a look at Microsoft Access user-level security, a feature that lets you specify the level of access to grant each individual user of your database.

User-level security helps you to control the types of data that a user might access (for example, prohibiting sales personnel from looking at accounting data) and the actions they can perform (e.g. only allowing the HR department to change personnel records).

These functions mimic some of the functionality of more powerful database environments, like SQL Server and Oracle. However, Access is still fundamentally a single-user database. If you find yourself attempting to implement complex security schemes with user-level security, you’re probably ready to trade up to a more powerful database.

The first step is to start the Wizard. From the Tools menu, select Security and then User-Level Security Wizard.

02
of 09

Creating a New Workgroup Information File

In the wizard's first screen, you're asked whether you want to start a new security file or edit an existing one. We'll assume you want to start a new one, so select "Create a new workgroup information file" and select Next.

03
of 09

Providing a Name and Workgroup ID

The next screen asks you to enter your name and company. This step is optional. You'll also see a strange string called the WID. This is a unique identifier assigned randomly and should not be changed.

Also on this screen, you'll be asked whether you want your security settings to apply to only the database you're currently editing or whether you want the permissions to be default permissions that apply to all databases. Make your choice, then click Next.

04
of 09

Selecting the Security Scope

The next screen defines the scope of your security settings. If you wish, you may exclude particular tables, queries, forms, reports or macros from the security scheme. We'll assume you want to secure the entire database, so press the Next button to continue.

05
of 09

Selecting User Groups

The next wizard screen specifies the groups to enable in the database. You can select each group to see the specific permissions applied to it. For example, the Backup Operators group is able to open the database for backup purposes but can't actually read the data objects.

06
of 09

Permissions for the Users Group

The next screen assigns permissions to the default Users group. This group includes all users of the computer, so use it judiciously! If you're enabling user-level security, you probably don't want to allow any rights here, so you can simply leave the "No, the Users group should not have any permissions" option selected and press the Next button.

07
of 09

Adding Users

The next screen creates database users. You can create as many users as you'd like by clicking the Add New User option. You should assign a unique, strong password for each database user. In general, you should never create shared accounts. Giving each database user an individual named account increases accountability and security.

08
of 09

Assigning Users to Groups

The next screen pulls together the previous two steps. You may select each user from the drop-down box and then assign him to one or more groups. This step provides users with their security permissions, inherited from their group membership.

09
of 09

Creating a Backup

On the last screen, you're provided with the option to create a backup unencrypted database. Such a backup helps you to recover your data if you forget a user password down the road. It's good practice to create the backup, save it to a removable storage device like a flash drive or a DVD and then store the device in a safe location. After you've created your backup, delete the unencrypted file from your hard disk to protect it from prying eyes.