A new built-in group for Microsoft Windows NT or Windows 2000 that is created when Windows NT 4.0 Service Pack 3 or later is applied.
The Authenticated Users group is similar to the built-in Everyone group, except that anonymous logon users are never members of the Authenticated Users group. The built-in security identifier (SID) for this group is S-1-5-11.
The Authenticated Users group can be used to provide additional security when running Microsoft Internet Information Services (IIS) because the anonymous user account has the ability to enumerate share names and list domain usernames. Using the Authenticated Users group can restrict this ability for the anonymous user account.
You should generally use the Authenticated Users group instead of the Everyone group if you want to carefully control anonymous access to your network resources.
Note: In Windows NT, some editing of the registry is required to implement this new feature. For information, see Microsoft TechNet and the Readme file for Service Pack 3. In Windows 2000, the Authenticated Users group is one of the built-in system groups.