On 2016/05/20 3:34 PM, Jason H wrote: > >> Sent: Friday, May 20, 2016 at 6:44 AM >> From: "Richard Hipp" <drh at sqlite.org> >> To: "SQLite mailing list" <sqlite-users at mailinglists.sqlite.org> >> Subject: Re: [sqlite] Password Protect SQLite DB >> >> On 5/20/16, Agarwal, Rajesh <Rajesh.Agarwal at snapon.com> wrote: >>> Not encryption, to password protect the db file. >> How is it possible to "password protect" a file without encrypting it? >> -- >> D. Richard Hipp >> drh at sqlite.org >> _______________________________________________ >> sqlite-users mailing list >> sqlite-users at mailinglists.sqlite.org >> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users > > Quite simple (pseudocode): > database_password = get_password(filename); > if (input_password != database_password) return error; > > However this approach as you intuitively recognized is not any "real" > protection at all. It's just an inconvenience step
Definitely, and SQLite is not in the habit of adding useless functions. I even think giving the file a really really obscure name with perhaps some chinese characters would probably go a much longer way to frustrating the level of user for whom that password system will present a barrier. To the OP: If you want to protect the contents of the files from any real villains, you need to either use the SEE extension via HWACI to encrypt it with password protection, or perhaps use a server-based RDBMS like Postgres or MySQL which come with user-control out the box.
