MS Access is RDBMS developed by Microsoft. It is being the real leader (standard) in the IT industry for many years, but password protection is not its strongest point. Originally, Microsoft offered password protection based on the system database, which stored a list of users, their passwords and rights. The database itself was not encrypted. The second type of password protection appeared in MS Access 95. User could put the password for the whole DB (one password for all users) and encrypt it. But both password protection methods were implemented at a very low level: the password was stored directly in the database, and there was a possibility to extract and decipher it.
The situation has changed with the release of MS Access 2007.
Microsoft refused the idea of users’ password protection but remained and improved the password protection on the level of DB. But in spite of this fact, the protection remains quite weak. Microsoft Corporation promised users the strong protection but actually they used 40-bit encryption, which do not provide strong password protection. One can hack the password of any length for MS Access 2007 with the help of such a tool as Access Password.
There is also one more thing about MS Access. MS Office contained an error resulting MS Access DB corruption. Microsoft acknowledged the error partially (see here: http://support.microsoft.com/kb/q223043/), but taking into consideration that the damaged databases have been met very often, one can assume that there is some typical situation, which lead to the database corruption. Such corrupted DBs were falsely considered to be password protected because of the error in the password protection implementation in MS Access 2007. One can use the password that will be accepted by MS Access database as valid; however, further work with it will lead to the emergency closure of the application. The only chance to recover such DB is to do it manually.
Source: http://www.articlealley.com/article_1046942_11.html