You must either be the owner (owner: When security is being used, the user account that has control over a database or database object. By default, the user account that created a database or database object is the owner.) of the database or a member of the Admins group (Admins group: The system administrator's group account, which retains full permissions on all databases used by a workgroup. The Setup program automatically adds the default Admin user account to the Admins group.) with Open Exclusive permission (permissions: A set of attributes that specifies what kind of access a user has to data or objects in a database.) to encode or decode a database employing user-level security (user-level security: When using user-level security in an Access database, a database administrator or an object's owner can grant individual users or groups of users specific permissions to tables, queries, forms, reports, and macros.).

Also, you must have enough storage space on your disk for both the original and the encoded or decoded versions of the database.

A database password is defined in addition to user-level security (user-level security: When using user-level security in an Access database, a database administrator or an object's owner can grant individual users or groups of users specific permissions to tables, queries, forms, reports, and macros.). If user-level security has been defined, any restrictions based on user-level security permissions (permissions: A set of attributes that specifies what kind of access a user has to data or objects in a database.) remain in effect.

Do not use a database password if you will be replicating (database replication: The process of creating two or more special copies (replicas) of an Access database. Replicas can be synchronized, changes made to data in one replica, or design changes made in the Design Master, are sent to other replicas.) a database. Replicated databases can't be synchronized (synchronization: The process of updating two members of a replica set by exchanging all updated records and objects in each member. Two replica set members are synchronized when the changes in each have been applied to the other.) if database passwords are defined.

In rare circumstances, the Microsoft Access workgroup information file (workgroup information file: A file that Access reads at startup that contains information about the users in a workgroup. This information includes users' account names, their passwords, and the groups of which they are members.) can become damaged. If you start Microsoft Access and that file can't be opened, a message will be displayed. How you solve this problem depends on whether you have a backup copy and how your workgroup information file was originally created or specified. The following table summarizes how you should address each situation.

Important  Microsoft Access stores security account information in the workgroup information file. So in all cases where you don't have a backup copy and have to re-create a workgroup information file, if you've restricted permissions (permissions: A set of attributes that specifies what kind of access a user has to data or objects in a database.) to your databases, you must re-create security accounts with the same case-sensitive (case-sensitive: Capable of distinguishing between uppercase and lowercase letters. A case-sensitive search finds only text that is an exact match of uppercase and lowercase letters.) names and personal ID (PID (personal ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that Access uses in combination with the account name to identify a user or group in an Access workgroup.)) entries as before.

Note  You don't have to redefine permissions or object ownership because this information is stored in the security-enabled databases.

If a workgroup information file (workgroup information file: A file that Access reads at startup that contains information about the users in a workgroup. This information includes users' account names, their passwords, and the groups of which they are members.) becomes damaged or has been deleted, and a backup copy isn't available, you can re-create the workgroup information file if you have the exact case-sensitive (case-sensitive: Capable of distinguishing between uppercase and lowercase letters. A case-sensitive search finds only text that is an exact match of uppercase and lowercase letters.) information that you used to create the file and define the accounts and groups in the file originally.

1. Create a new workgroup information file, making sure to enter the exact case-sensitive name, company name, and workgroup ID (WID) (workgroup ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that you enter when creating a new workgroup information file by using the Workgroup Administrator. This uniquely identifies the Admin group for this workgroup file.) that you used to create the original file. Failure to re-enter the exact entries used to create the original file will create an invalid Admins group (Admins group: The system administrator's group account, which retains full permissions on all databases used by a workgroup. The Setup program automatically adds the default Admin user account to the Admins group.).

   How?

   A Microsoft Access workgroup information file (workgroup information file: A file that Access reads at startup that contains information about the users in a workgroup. This information includes users' account names, their passwords, and the groups of which they are members.) contains a list of users who share data, also know as a workgroup (workgroup: A group of users in a multiuser environment who share data and the same workgroup information file.). Users' passwords are also stored in the workgroup information file. To control who has access to your database, you must create a new workgroup information file.

   1. Start Microsoft Access.
   2. On the Tools menu, point to Security, and then click Workgroup Administrator.
   3. In the Workgroup Administrator dialog box, click Create.
   4. In the Workgroup Owner Information dialog box, type your name and organization, and then type any combination of up to 20 numbers and letters for the workgroup ID (WID) (workgroup ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that you enter when creating a new workgroup information file by using the Workgroup Administrator. This uniquely identifies the Admin group for this workgroup file.).

      Caution  Be sure to write down your exact name, organization, and workgroup ID — including whether letters are uppercase or lowercase (for all three entries) — and keep them in a secure place. If you have to re-create the workgroup information file, you must supply exactly the same name, organization, and workgroup ID. If you forget or lose these entries, you can't recover them and might lose access to your databases.

   5. Type a new name for the new workgroup information file. By default, the workgroup information file is saved in the language folder. To save in a different location, type a new path or click Browse to specify the new path.

   The new workgroup information file is used the next time you start Microsoft Access. Any user (user account: An account identified by a user name and personal ID (PID) that is created to manage the user's permissions to access database objects in an Access workgroup.) and group accounts (group account: A collection of user accounts in a workgroup, identified by group name and personal ID (PID). Permissions assigned to a group apply to all users in the group.) or passwords that you create are saved in the new workgroup information file. To have others join the workgroup defined by your new workgroup information file, copy the file to a shared folder (if you didn't already save it in a shared folder in step 5), and then have each user run the Workgroup Administrator to join the new workgroup information file.

2. Re-create any group accounts (group account: A collection of user accounts in a workgroup, identified by group name and personal ID (PID). Permissions assigned to a group apply to all users in the group.), making sure to enter the exact case-sensitive group name and personal ID (PID (personal ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that Access uses in combination with the account name to identify a user or group in an Access workgroup.)) for each group.

   How?

   As part of securing a database, you can create group accounts (group account: A collection of user accounts in a workgroup, identified by group name and personal ID (PID). Permissions assigned to a group apply to all users in the group.) in your Microsoft Access workgroup (workgroup: A group of users in a multiuser environment who share data and the same workgroup information file.) that you use to assign a common set of permissions (permissions: A set of attributes that specifies what kind of access a user has to data or objects in a database.) to multiple users.

   To complete this procedure, you must be logged on as a member of the Admins group (Admins group: The system administrator's group account, which retains full permissions on all databases used by a workgroup. The Setup program automatically adds the default Admin user account to the Admins group.).

   1. Start Microsoft Access by using the workgroup in which you want to use the account.

      Important  The accounts you create for users must be stored in the workgroup information file (workgroup information file: A file that Access reads at startup that contains information about the users in a workgroup. This information includes users' account names, their passwords, and the groups of which they are members.) that those users will use. If you're using a different workgroup to create the database, change your workgroup before creating the accounts. You can change workgroups by using the Workgroup Administrator.

   2. Open a database.
   3. On the Tools menu, point to Security, and then click User And Group Accounts.
   4. On the Groups tab, click New.
   5. In the New User/Group dialog box, type the name of the new account and a personal ID (PID) (personal ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that Access uses in combination with the account name to identify a user or group in an Access workgroup.).

      Caution  Be sure to write down the exact account name and PID, including whether letters are uppercase or lowercase, and keep them in a secure place. If you have to re-create an account that has been deleted or created in a different workgroup, you must supply the same name and PID entries. If you forget or lose these entries, you can't recover them.

      Note  A user account name cannot be same as an existing group account name, and visa versa.

   6. Click OK to create the new group account.

   Note  The PID entered in step 5 is not a password. Microsoft Access uses the PID and the user name as seeds for an encryption algorithm to generate an encrypted identifier for the user account (user account: An account identified by a user name and personal ID (PID) that is created to manage the user's permissions to access database objects in an Access workgroup.).

3. Re-create each user account (user account: An account identified by a user name and personal ID (PID) that is created to manage the user's permissions to access database objects in an Access workgroup.), making sure to enter the exact case-sensitive user name and PID for each user.

   How?

   To complete this procedure, you must be logged on as a member of the Admins group (Admins group: The system administrator's group account, which retains full permissions on all databases used by a workgroup. The Setup program automatically adds the default Admin user account to the Admins group.).

   Note  It is usually easier to manage security if you organize users into groups, and then assign permissions (permissions: A set of attributes that specifies what kind of access a user has to data or objects in a database.) to groups rather than to individual users.

   1. Start Microsoft Access by using the workgroup (workgroup: A group of users in a multiuser environment who share data and the same workgroup information file.) in which you want to use the account.

      Important  The accounts you create for users must be stored in the workgroup information file (workgroup information file: A file that Access reads at startup that contains information about the users in a workgroup. This information includes users' account names, their passwords, and the groups of which they are members.) that those users will use. If you're using a different workgroup to create the database, change your workgroup before creating the accounts.

   2. Open a database.
   3. On the Tools menu, point to Security, and then click User And Group Accounts.
   4. On the Users tab, click New.
   5. In the New User/Group dialog box, type the name of the new account and a personal ID (PID) (personal ID: A case-sensitive alphanumeric string that is 4 to 20 characters long and that Access uses in combination with the account name to identify a user or group in an Access workgroup.), and then click OK to create the new account, which is automatically added to the Users group (Users group: The group account that contains all user accounts. Access automatically adds user accounts to the Users group when you create them.).

      Caution  Be sure to write down the exact account name and PID, including whether letters are uppercase or lowercase, and keep them in a secure place. If you ever have to re-create an account that has been deleted or created in a different workgroup, you must supply the same name and PID entries. If you forget or lose these entries, you can't recover them.

   Notes

   • A user account name cannot be same as an existing group account name, and visa versa.
   • The PID entered in step 5 is not a password. Microsoft Access uses the PID and the user name as seeds for an encryption algorithm to generate an encrypted identifier for the user account (user account: An account identified by a user name and personal ID (PID) that is created to manage the user's permissions to access database objects in an Access workgroup.).
4. If you saved the new workgroup information file to a new name or location in step 1, tell other users in the workgroup (workgroup: A group of users in a multiuser environment who share data and the same workgroup information file.) to use the Workgroup Administrator to join the new workgroup information file.