I am a member of a sports association and I am developping a simple JavaFX application for managing member's license.
This application will be used on a notebook without any connection, it has to be offline an protected by a user/password. It will run on a shared Windows account.
The application must be the simpliest possible to install and use (average user age around 60-70 years old) so for storing data I plan to use an embedded Java database (I started with H2 in db file mode but I can switch to another engine) with some user restriction.
Everything work so far and users only have access to the desired informations but my problem is that everyone who can access the notebook can freely open the DB file with notepad or something else and see all confidential informations.
I known that H2 offer some database encryption and I test with AES and it work so far, but I don't known of to deal with the DB password.
The DB must have a single password but I want the application so be accesible and started by any user without the help of an administrator (who would enter the master password for example)
How can I secure the information in the database and make it usable by multiple users without an administrator involved?
