An internal number in the Security Account Manager (SAM) database of a domain controller in Microsoft Windows NT or Windows 2000 that uniquely identifies a user, group, or computer account within a domain. Security identifiers (SIDs) are used internally by Windows NT and Windows 2000 to provide user accounts with access to network resources.
SIDs are guaranteed to be unique because they are created using a combination of user information, domain information, and time and date of account creation. The general format of a SID is a series of decimal numbers separated by dashes in the following form:
X is the value of the identifier authority, and Y1, Y2, and so on are values of subauthorities. The prefix S-1 means “SID revision 1.”
Changing the name of a user, computer, or domain does not change the underlying SID for that account. Administrators cannot modify the SID for an account in Windows NT, and there is generally no need to know the SID assigned to a particular account. SIDs are primarily intended to be used internally by the operating system to ensure that accounts are uniquely identified to the system.