避免Access 2000密码被破译的办法[Access防范]

1、深化解析
上述程序成功的关键是利用了一个空数据库（New_Empty_DB.mdb）.该数据库的成立日期必须与被密码保护的数据库（Pass_Protected_DB.mdb）相一致. 换句话说,Access 2000 仅仅是利用"数据库成立日期"来加密用户密码.

应注意的是:上面的"成立日期"只是操作系统级的,也就是 Windows记录在文件夹目录里的信息（按照文件名的长短,每个文件在目录里占用至少32个字节,包含:文件名、属性、文件大小、首蔟号、成立时间、改正时间和拜候时间等）.
Access 2000 在数据库中也记录了该数据库的"成立日期".加密数据库密码的恰是数据库内部记录的这个"成立日期".该日期只有在数据库被成功翻开后才能看到.但在普通情形下,操作系统级的以及数据库内保存的"成立日期"是完好一样的,因此这为破译者供应了便利.
上述程序中还有一点需求阐明:为简明起见,解密密码时仅处理了双字节的首字节,因此它仅对非汉字密码有效.若要解密汉字密码,须对双字节均做处理.
2、防备办法
1、躲藏"成立日期"
从上面的解析可以看出,既然"成立日期"是破译的关键,那么我们应"对症下药",将真实的"成立日期"躲藏起来.
第一步,成立数据库时,利用一个"难以想象的、别人不易猜想"的日期.做法为:改正 Windows系统日期,比方改成2026年05月15日,成立数据库后再将系统日期改回.这个"难以想象"的日期即为该数据库的真实"成立日期".
第二步,改正操作系统级的"成立日期".上述第一步完成后,该数据库在操作系统级的成立日期也是2026年05月15日,必须加以改正,以到达躲藏真实成立日期的目的.改正操作系统级的"成立日期"可以由下面的程序二完成.
?
程序二（VB6）:改正文件在操作系统级的"成立日期"
Private Type FILETIME
dwLowDateTime As Long
dwHighDateTime As Long
End Type
Private Type SYSTEMTIME
wYear As Integer
wMonth As Integer
wDayOfWeek As Integer
wDay As Integer
wHour As Integer
wMinute As Integer
wSecond As Integer
wMilliseconds As Integer
End Type
Private Const GENERIC_WRITE = &H40000000
Private Const OPEN_EXISTING = 3
Private Const FILE_SHARE_READ = &H1
Private Const FILE_SHARE_WRITE = &H2
Private Declare Function SetFileTimeWrite Lib "kernel32" Alias _
"SetFileTime" (ByVal hFile As Long, lpCreateTime As FILETIME, _
ByVal NullP As Long, ByVal NullP2 As Long) As Long
Private Declare Function SystemTimeToFileTime Lib "kernel32" _
(lpSystemTime As SYSTEMTIME, lpFileTime As FILETIME) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" _
(ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal _
dwShareMode As Long, ByVal lpSecurityAttributes As Long, ByVal _
dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, _
ByVal hTemplateFile As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) _
As Long
Private Declare Function LocalFileTimeToFileTime Lib "kernel32" _
(lpLocalFileTime As FILETIME, lpFileTime As FILETIME) As Long
Private Sub Command1_Click()
Dim Year As Integer, Month As Integer, Day As Integer
Dim Hour As Integer, Minute As Integer, Second As Integer
Dim TimeStamp As Variant, Filename As String, X As Integer
Year = 2001: Month = 3: Day = 13 ' 预备设定的"成立日期"
Hour = 12: Minute = 0: Second = 26
TimeStamp = DateSerial(Year, Month, Day) + TimeSerial(Hour, Minute, Second)
Filename = "D:\VB6_Test\MDB_Password\Pass_Protected_DB.mdb" ' 目标文件名
X = ModifyFileStamp(Filename, TimeStamp)
End Sub
Function ModifyFileStamp(Filename As String, TimeStamp As Variant) As Integer
Dim X As Long, Handle As Long, System_Time As SYSTEMTIME
Dim File_Time As FILETIME, Local_Time As FILETIME
System_Time.wYear = Year(TimeStamp): System_Time.wMonth = Month(TimeStamp)
System_Time.wDay = Day(TimeStamp)
System_Time.wDayOfWeek = Weekday(TimeStamp) - 1
System_Time.wHour = Hour(TimeStamp): System_Time.wSecond = Second(TimeStamp)
System_Time.wMilliseconds = 0
X = SystemTimeToFileTime(System_Time, Local_Time)
X = LocalFileTimeToFileTime(Local_Time, File_Time) ' 转换成可用的范例
Handle = CreateFile(Filename, GENERIC_WRITE, FILE_SHARE_READ Or _
FILE_SHARE_WRITE, ByVal 0&, OPEN_EXISTING, 0, 0) ' 翻开文件
X = SetFileTimeWrite(Handle, File_Time, ByVal 0&, ByVal 0&) ' 设置日期
CloseHandle Handle ' 关闭文件
End Function
图三显示的是数据库的真实"成立日期"以及经程序二假装的操作系统级的"假象"日期.

可以看出,躲藏"成立日期"的办法对破译者来说只是增大了破译的工作量,增添了破解试验的次数.只有将该办法与下述的"办法二"相结合,才能到达"既治标又治本"的效果.不过在普通的情形下"办法一"已够用,因为假如破译者起始利用的测试日期与终究的真实日期相差百年,他需求付出数万次的勤奋!
2、利用用户级安全机制
通过设置差别的用户帐号和组帐号对数据库中的各种资源举行权限管理.这种加强了的安全机制固然给平常利用（特别是单用户利用）带来了不便,但在有安全隐患的地方仍然有设置的必要.
设置各种帐号及呼应权限的简单办法是利用"设置安全机制向导"（见图四）.图四还显示了安全机制启动后要求用户登录的画面.

3、结论
所谓"道高一尺魔高一丈",因为这世上并没有绝对的安全.上述办法一的目的是提高破译的本钱以到达常人难以承受的程度;而办法二的初衷是增添密码的数目.两种办法的结合足以使破译者望而却步.不过这并不意味着百分之百的安全.但从思惟上提高安全意识,防患于未然,这毕竟是精确的挑选. 　　以上是“避免Access 2000密码被破译的办法[Access防范]”的内容，如果你对以上该文章内容感兴趣，你可以看看七道奇为您推荐以下文章：