In order to assess the difficulty and time required, it would be necessary to look at how the data has been encoded by examining the MS Access db. In the past, I have developed data protection schemes for clients in MS Access that would be time consuming for someone to crack directly. In general, it requires examining the macros in the mdb, the database structure, and forms to determine how data is actually being stored. Anyone who tells you that they can solve it easily without looking at it first is probably just being hopeful that it's a very simple protection scheme.