Hello,

I have a problem that has been bothering me for some time now. This is how I open a connection to my db....
cn.open "dsn=mydb;uid=me;pwd=me123"

Is this an accepted way of doing it??

My problem is that ANYONE can see what my pwd is!! How can I do this so that no-one can see my pwd.

Thanks,
T

Normally I have a form with fields for username and password and then I build the connectionstring dynamically from the input fields, then based on the connection strings success the program decides whether to proceed or not.

The way you do it every time you change your password you have to recompile the app.

Hi MadWorm,

Yes this is true, but is the way I do it secure enough??!! Or can someone easily get hold of this info by doing it in this way.

Thanks,
T

If it's compiled it will be safe, any other developer who sees your source code can see it of course, it depends how you feel about that. To the best of my knowledge decompiling VB6 is impossible.

For anonymous web stuff here we create a special account with no password expiry with read only access and code it like you do in a DLL. That is the accepted practise and how Microsoft did it in the Visual Interdev web development course we went on.

Thanks MadWorm.