Hello,<BR><BR>I am currently building an ASP to Access 2002 e-comm site and have been concerned about the security of our database. I&#039;ve read numerous articles talking about the performance gains of using a DSN-less connection as shown below.<BR><BR>Couple questions for everyone:<BR>How secure is it as compared to the other connection methods?<BR><BR>I realize in IIS you can restrict access to your database folder based on IP addresses but is this enough in today&#039;s environment? <BR><BR>Is someone able to view an ASP page prior to it being processed on the server (i.e., could they be able to see the location of our database from the information in the connection code)?<BR><BR>Our business does not anticipate a huge amount of concurrent traffic so Access was the obvious choice for us at the time.<BR><BR><BR>DSN-less connection<BR>Set dbConn = Server.CreateObject("ADODB.Connection")<BR>MdbFile Path = Server.MapPath("storedatastoredatabase.MDB")<BR>db Conn.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=" & MdbFilePath & ";"<BR><BR>Thanks a ton,<BR>scott