I am considering implementing an ASP app connecting to MS Access database.<BR><BR>To secure the database I will do the following:<BR><BR>a) secure the directory where the .mdb file is stored such that it cannot be downloaded.<BR>b) use the MS Access "User Level Security" scheme to control INSERT, UPDATE and DELETE operations. This would require user to provide password to access the database via HTML form.<BR>c) use SSL page for entry of password.<BR><BR>Is there anything I have missed?<BR><BR>What are the security risks with this approach??<BR><BR>Will my database be safe???<BR><BR>Thanks in advance<BR>Tim.