Developing a database application, I need to have two access levels: 1. Normal users that can do data entry, 2. Administrators that are able to change the parameters, add users....
To manage the users i decided to add a table to the main database to keep the records of them and their roles.

The application uses Access database and may be installed on Win98 machines with absolutly no security ;) . So the database is readily accessible for anyone who has access to the computer. In order to make it secure I have to password protect it and use that password in connection strings used in the application. It seems practical but has some problems:
1. There is always a chance to crack the password of Access files
2. If the password of the database is to be changed then it should be changed once in the application, and once out of it using Access.

So am searching for a better model to apply the security. Any idea?

don't know if this will solve your problem but I use a simple Encrypt/decrypt function to store an encrypted user name and password in the database. this allows access to different functions within the program based on a security level. the only details stored in the database is the encrypted values so no on e can hack in and enter somone elses details

call the function with the type as true or false depending on whether you want to encrypt or decrypt (will handle up to 10 characters)

Code below
Function Encrypt(nTYpe As Integer, ByVal St As String)
Dim Temp As String
Dim X As Integer

Temp = ""
St = PadR(St, 10)
If nTYpe = False Then ' decrypt
For X = 1 To 10
Temp = Temp & Chr(Abs(Asc(Mid(St, X, 1)) - 127) - X)
Next X
Else ' encrypt
For X = 1 To 10
Temp = Temp & Chr(Abs(Asc(Mid(St, X, 1)) - 127 + X))
Next X
End If
Encrypt = Temp
End Function

Function PadR(St As String, nLen As Integer)
If IsNull(St) Then St = ""
PadR = left(St + Space(Max(nLen - Len(St), 0)), nLen)
End Function