Remove the Access Bypass (Shift) Key

As most more-experienced Access users are aware, Access has a bypass key that allows them to ôskipö the startup procedures. By holding down [Shift] as they open the database, they will often be able to view (if not change) sensitive information and code. Setting up users and groups provides some measure of security, and many problems can be avoided by creating a new Admin level user (for example, MyAdmin), and giving only minimal rights to the default Admin user. However if the user has not joined the correct workgroup for your database (for example, they have opened the database direct from Windows Explorer rather than via a shortcut), they may still be able to view information you may want to keep restricted.

The way around this is to set the database property AllowBypassKey to false. By using this method, if your database window is hidden on startup the user will not see any of the database objects. However as a developer, you still need to be able to gain access to your code at will.

Using Startup Command-Line Options
The function shown below allows you to use the startup line options in Access to either lock or unlock the database. The startup option is /cmd.

<full path to msaccess.exe> <database> /cmd <command>

You need to set two separate commands here û one to lock the database, and one to unlock it. In the following example the command to lock the database is ôlockö, and the unlock command is ôletmeinö. These commands are not case sensitive in this code.

To lock the database, you need to create a shortcut where the command line is similar to the following example:

ôC:\Program Files\MSOffice\Office\MSAccess.exeö ôC:\Test\MyDatabase.mdbö /cmd "lock"

The command to unlock the database used in the example above would be as follows:

ôC:\Program Files\MSOffice\Office\MSAccess.exeö ôC:\Test\MyDatabase.mdbö /cmd "letmein"

Please Note: If you do not specify the name of the database, Access will prompt you for the database name as usual, and then run the code.

After creating the function shown below, the only other step is to create an AutoExec macro that runs this function. If your macro doesnÆt need have any other code, the only line required is as follows:

RunCode CheckCommandLine()

If you want to have a specific form displayed on opening the database, your AutoExec macro should handle that function, rather than specifying the name of the form to display under Tools, Startup. An example is as follows:

Condition Action Options
CheckCommandLine()=False Quit Exit
Open Form <form name>

Please Note: In the example of the function shown below, the function returns a boolean value. If the database has just been either locked or unlocked, or the default Admin user has attempted to open the database, the value returned is false. This triggers the Quit action in the macro.

Function CheckCommandLine() As Boolean
Dim db As Database
Dim prp As Property
Dim strProperty As String
Dim strMsg As String
Dim ysnAllow As Boolean

Const conPropertyNotFoundError = 3270


On Error GoTo CheckError

Set db = CurrentDb()
strProperty = "AllowBypassKey"

' Check value returned by Command startup function
Select Case LCase(Command)
Case "letmein"
ysnAllow = True
CheckCommandLine = False

strMsg = "The Access bypass key has been reactivated." & Chr(13) & Chr(13)
strMsg = strMsg & Chr(9) & "The database is UNLOCKED!" & Chr(13) & Chr(13)
strMsg = strMsg & "Please close the database and open again normally."

Case "lock"
ysnAllow = False
CheckCommandLine = False

strMsg = "The Access bypass key has now been deactivated." & Chr(13) & Chr(13)
strMsg = strMsg & Chr(9) & "The database is LOCKED!" & Chr(13) & Chr(13)
strMsg = strMsg & "Please close the database and open again normally."

Case Else
If LCase(CurrentUser) = "admin" Then
strMsg = "This database is LOCKED!" & Chr(13) & Chr(13)
strMsg = strMsg & "Leave and never darken my door again!"

CheckCommandLine = False

Else
CheckCommandLine = True
End If
End Select

db.Properties(strProperty) = ysnAllow

If strMsg <> "" Then
MsgBox strMsg, vbInformation, "MS Access Security"
End If

Exit Function


CheckError:
Select Case Err.Number
Case conPropertyNotFoundError
Set prp = db.CreateProperty(strProperty, dbBoolean, ysnAllow)
db.Properties.Append prp
Resume Next

Case Else
CheckCommandLine = True
Exit Function
End Select
End Function