Mikey wrote:

>> > The apps I write are pretty much desktop stuff. I'm trying
>> to move away from Access. Firebird was looking real good,
>> but I need a protected db for one of the apps. [...]
>>From anybody who may gain access (no pun intended) to the
>>users computer. The app is for storing signons and passwords,
>>so the user only has to remember one.

> I understand it's not foolproof, but I think better than
> keeping a list taped to the bottom of the keyboard.

[...]

It's probably foolproof, it's people that are not fools
that you have to worry about.

My own opinion is that Firebird is not suitable for this
purpose (and neither was Access). There are several systems
available for storing a list of signons and passwords, this
one: http://passwordsafe.sourceforge.net/ has been around
for a long time. It has a good level of user-controlled
security and many useful features for such a product.

To encourage users to store passwords in a system that cannot
be truly secure (when properly used) is a serious mistake.
They probably would be better with their passwords under they
keyboard, at least that way they would not be fooled into
thinking the information is securely stored - and the passwords
would be safer from online hackers.

--
Geoff Worboys
Telesis Computing