Okay so I know that everyone is going to say this is a bad idea but I merely wish to explore this as a concept and get some well formed thoughts and opinions.

Here’s the setup:

In one private application I am setting up calendar data and that data is to be partitioned and accessed by various teams and their team members. They each want to see different data.
****ALL Team members are identified in the database (This is important info for later, bear with me.)

Some of those team members do not need to use the private application and it’s features, so I’d like to setup a public app for them to view their team’s data in a more simple way.

The idea is that to view their team’s data; when they enter the app they would have to input their name in one field and a secret phrase in another (emulating login for ease of use) which then would show all corresponding data of the team related to that secret phrase. I do also have a concept for is user’s change that secret phrase and how to accurately change that for all data it pertains to…

Users in this public app do not need to input any data generally but for the few instances they do they could be identified.

It’s important to note all of our actual data sets are only accessed by one other person than myself and none of it is downloaded to user devices. We host it all from our google drive.

I would love some thoughts about this work around and what sort of perils I should look out for? This data is for the music industry and none of it is particularly personal. A good majority of it is public information. SOME of it is private info like day of show contact info for a talent buyer; but even that information is passed around.

Okay… thoughts? Thank you if you read this far.