Hello,
I've a question and tried looking on google but it didnt' came up.
I've a Access DB on my webhost, is there any way to protect the
details from my host?
I read somewhere 'nothing is foolproof', okay I accept. Let me know of
*any* steps I can take to prevent, atleast to some extent, the
details.
It is not the CC details, but emails. I fear my host will sell it.
Thanks a lot.
HelLind wrote:
> Hello,
>
> I've a question and tried looking on google but it didnt' came up.
>
> I've a Access DB on my webhost, is there any way to protect the
> details from my host?
>
> I read somewhere 'nothing is foolproof', okay I accept. Let me know of
> *any* steps I can take to prevent, atleast to some extent, the
> details.
>
> It is not the CC details, but emails. I fear my host will sell it.
>
No. Access is not the most secure database you could be using. The password
protection is laughably simple to crack. The workgroup security is a little
tougher to bypass, but it is possible. If the data is that confidential, I
suggest using another database which supports data encryption.
Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
"HelLind"
news:9a6fe908.0411242205.60e1538f@posting.google.com...
> Hello,
>
> I've a question and tried looking on google but it didnt' came up.
>
> I've a Access DB on my webhost, is there any way to protect the
> details from my host?
>
> I read somewhere 'nothing is foolproof', okay I accept. Let me know of
> *any* steps I can take to prevent, atleast to some extent, the
> details.
>
> It is not the CC details, but emails. I fear my host will sell it.
>
> Thanks a lot.
you could encrypt the data before you store it....or..if you don't trust
your host...move!!!
> I've a Access DB on my webhost, is there any way to protect the
> details from my host?
Why are you using a host you don't trust?
Why on earth are you using Access, if your data is sensitive?
--
http://www.aspfaq.com/
(Reverse address to reply.)
"Aaron [SQL Server MVP]"
> > I've a Access DB on my webhost, is there any way to protect the
> > details from my host?
>
> Why are you using a host you don't trust?
>
> Why on earth are you using Access, if your data is sensitive?
How do you trust or dont' trust a host? It is hard to be sure and
better to play safe.
Well, my data is not ultra-sensitive but I don't want anyone to have
easy acess to my DB by just clicking on it to open.
I know I can set password to my Access DB, but inorder to access it
via ASP script, I've to put the password in the connection string,
which pretty much back to square one.
Is there any tips and tricks? :)
Thanks a lot.
"Alistair"
> you could encrypt the data before you store it....or..if you don't trust
> your host...move!!!
I want to hide my site member's emails. As a webmaster I've a
responsibility to keep their emails private.
I've used SHA Hash to one-way encrypt their passwords. No problem.
But how do I encrypt their emails on my DB? If I use one-way hash, I
won't be able to get it back. If I use two-way encryption, then the
code to decrypt would be on my ASP scripts available to my host.
The reason I'm using ACCESS DB is because this is where most people
start from. I am taking time to learn MySQL. But still, the problem is
not database inherit security but how to hide it from my host.
Trusting or not trusting my host is another question, surely there are
technical ways to prevent them from accessing?
Corret me if i am wrong :-)
Thanks for the replies so far.
On 26 Nov 2004 19:19:39 -0800, u8712123@cc.nctu.edu.tw (HelLind)
wrote:
>"Aaron [SQL Server MVP]"
>> > I've a Access DB on my webhost, is there any way to protect the
>> > details from my host?
>>
>> Why are you using a host you don't trust?
>>
>> Why on earth are you using Access, if your data is sensitive?
>
>How do you trust or dont' trust a host? It is hard to be sure and
>better to play safe.
You could become your own host. Or look at the contract and see what
obligations they have.
>Well, my data is not ultra-sensitive but I don't want anyone to have
>easy acess to my DB by just clicking on it to open.
>
>I know I can set password to my Access DB, but inorder to access it
>via ASP script, I've to put the password in the connection string,
>which pretty much back to square one.
>
>Is there any tips and tricks? :)
You've about heard them all. Move to a host that won't read your
database, become your own host or encrypt anything you don't want
read. If you move your encryption code to a DLL you don't need to
worry about a script in text.
Jeff
jeff.nospam@zina.com (Jeff Cochran) wrote in message news:<41a92072.2457912050@msnews.microsoft.com>...
> You've about heard them all. Move to a host that won't read your
> database, become your own host or encrypt anything you don't want
> read. If you move your encryption code to a DLL you don't need to
> worry about a script in text.
>
> Jeff
Well, I guess there is no other solution then.
Thanks everyone for the reply. This wasn't the first time I was
asking, I just thought over-the-months people would have come with
some solution. (besides DLL thingy)
Cheers :)