Developing a database application, I need to have two access levels: 1. Normal users that can do data entry, 2. Administrators that are able to change the parameters, add users....
To manage the users i decided to add a table to the main database to keep the records of them and their roles.

The application uses Access database and may be installed on Win98 machines with absolutly no security . So the database is readily accessible for anyone who has access to the computer. In order to make it secure I have to password protect it and use that password in connection strings used in the application. It seems practical but has some problems:
1. There is always a chance to crack the password of Access files
2. If the password of the database is to be changed then it should be changed once in the application, and once out of it using Access.

So am searching for a better model to apply the security. Any idea?