If you keep the database only local, the only way to really protect it is the protection of the system the database is on. The password protection is false security if you do not encrypt the database. I tried it, but the option is greyed out...
Maybe this post wasn't about GDPR, but since you brought it up... TB has functionality to share data in the cloud. The cloud will not have a copy of the database though: phone numbers and (email) addresses are not shared in the cloud, exactly because of GDPR. Put differently: if you were sharing TB data in the cloud to sync between computers, you'd have to enter those details separately into each computer.
That said: whether or not to use Dropbox for TB data is still (very) open for discussion.
I agree with what you said/wrote about password protection. This reassures men who are not aware of the dangers associated with IT. As an ex-IT professional, when I saw sqlite, which is very good for small IT projects like theocbase, I wondered whether the information in the database was encrypted or not. If not, and that is the case, it is not, then the password management is in fact all the more illusory ;-)
Encrypting the data can be done before sending it into the database or, since sqlite has encryption algorithms internally or as modules, inside the database itself.
Personally, I use it under Linux. My home is encrypted. When it is turned off, or without my session password, it is impossible to access the data.
Another way of protection is to use an encrypted container, opened before using TB, which contains at least the database; cf. software like ex-truecrypt, veracrypt and others.
Another way to share such data between several computer media is to use software such as syncthing, as well as to exit the cloud ;-)
In IT, there is always the possibility to do things differently.
PS: I would test to see if, from the binary for Linux, I can make it work under OpenBSD :p
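
The point made in both posts, that an application password means little when the SQLite file itself is stored unencrypted, can be checked directly on the file. The following is an added example, not part of the thread and not TheocBase code; the file names, table and sample record are constructed, and the entropy threshold is an assumption used only as a rough heuristic.

```python
import math
import os
import sqlite3

# Every unencrypted SQLite 3 file starts with this 16-byte header string.
SQLITE_MAGIC = b"SQLite format 3\x00"

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8.0 for ciphertext or random data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def classify_db_file(path: str, sample: int = 65536) -> str:
    """Return 'plaintext-sqlite', 'high-entropy' or 'unknown' for a file."""
    with open(path, "rb") as fh:
        head = fh.read(sample)
    if head.startswith(SQLITE_MAGIC):
        return "plaintext-sqlite"   # readable by any SQLite tool, no password needed
    if len(head) >= 4096 and shannon_entropy(head) > 7.5:  # assumed threshold
        return "high-entropy"       # consistent with encryption, not proof of it
    return "unknown"

def contains_bytes(path: str, needle: bytes) -> bool:
    """True if the raw file contains the given bytes (e.g. a phone number)."""
    with open(path, "rb") as fh:
        return needle in fh.read()

def make_samples(directory: str):
    """Build a constructed plaintext database and a random blob for comparison."""
    plain = os.path.join(directory, "plain.sqlite")
    con = sqlite3.connect(plain)
    con.execute("CREATE TABLE persons (name TEXT, phone TEXT)")
    con.execute("INSERT INTO persons VALUES ('Constructed Person', '555-0100')")
    con.commit()
    con.close()
    blob = os.path.join(directory, "blob.bin")
    with open(blob, "wb") as fh:
        fh.write(os.urandom(8192))  # stands in for an encrypted file
    return plain, blob
```

A result of `plaintext-sqlite` means the personal data is readable by anyone who can read the file, so protection has to come from the disk, home directory or container encryption described above.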