Hi I have just converted my single file solution to a Separation Model and the first interesting challenge is the accounts and passwords. I have 5 different access groups (privilege sets) and am happy with the handling of these. I have an accounts table and can control changes to privileges and passwords through that but I do not see a way to prevent the user from changing his password at the login screen. If he changes it in the Interface table then the backend will be out of step. I thought the tab in privileges might hide the change password button but it doesn't.

I feel sure I am missing something here.

Any ideas?

Disable the ability for users to change their passwords.

Either that or: use external authentication; or un-separate the files.

Vaughan's suggestion about external server authentication is an excellent one. Your situation is one of the principal reason that feature is in the product: multiple accounts and multiple files. That scenario is much easier to manage externally.

Also, I'd be very careful about those "accounts table" privileges. You might to take a look at this article.

Steven