0

The title says it all: as we are nearing release of our desktop application, which uses a local database (SQLServer 2014 LocalDb), we want to password protect access to it.

The database will be created using EF Code First on the user's computer the first time he starts up the application. This must be really simple, but I seem to overlook the solutions that should present itself on Google.

Improve this question
4
  • 2
    I'm confused because I know Sql Server CE has a database password, but LocalDB is a full on database with users and everything, so a database password doesn't really make sense in your context. If you want to "password protect the database" you'll need to do user management. Commented Jan 16, 2015 at 23:04
  • What is the problem? Just add the user from server logins and make appropriate changes in connection string. Commented Jan 16, 2015 at 23:10
  • The problem probably is that I am a complete noob. @ErikPhilips and Hamlet's remarks suggest that I have knowledge that I do not have. I just have experience in working with EF Code First. Commented Jan 16, 2015 at 23:18
  • Then what you'll need to do is research on how to; A How Sql User Management works (like Create User) and then B how to use the SqlCommand to make these custom calls to the database. Entity Framework is a layer that was not designed for nor has any method to actually manage a database. What you are looking to do is not simple at all. Commented Jan 16, 2015 at 23:23

1 Answer 1

Reset to default
4

The short answer here is you can't password protect LocalDb. LocalDb is designed to be a low friction database setup for development and testing, but it does not provide any of the advanced features of SQL or even SQL Compact Edition. From MSDN:

LocalDB is created specifically for developers. It is very easy to install and requires no management

and then there is this:

Moreover, if the simplicity (and limitations) of LocalDB fit the needs of the target application environment, developers can continue using it in production, as LocalDB makes a pretty good embedded database too

"pretty good" implies that while it will work, there may be better solutions. Essentially, the lack of security is a feature of LocalDB. It is designed to run as the currently logged in user, giving them full access.

If you need Database Security as a feature of your deployed application, but do not want to deal with the complexities of a full SQL installation, you should consider SQL Compact Edition.

See this article How to: Deploy a SQL Server Compact 4.0 Database with an Application. Deployment will vary depending on the deployment methods used by the rest of your application.

Entity Framework is an abstraction layer which is not specifically tied to a specific database technology. It will work identically with LocalDb, SQL Compact, SQL Express, MySQL, postgresql, etc... usually with nothing more than than the correct database driver and the correct connection string supplied.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.