All About Security Identifier | Full & Detailed Guide

Rel updated on Apr 19, 2023 | Home > Knowledge Center

What Is Security Identifier

A security identifier, also known as a security ID or SID, is a unique value that identifies users, groups, and computer accounts. Each initially created account or group receives a unique SID issued by an issuing authority, such as a Windows domain controller. A SID is a special string of characters that is normally stored in the security database and is not accessible to users.

security identifier example

While users create a new account or group, the system also generates a new SID. If a SID has been used as a unique identifier for that account, that SID can never be used again to identify other users or groups. In other words, when a user deletes an account or group and then creates a new user with the same username, the new account is completely not the same as the old account, the difference being that the system associates separate security identifiers to them.

The Role of Security Identifier

After the user passes authentication, the login process gives the user an access token, which is equivalent to a ticket for accessing system resources. The access token contains the user and groups' SID, and the user's privileges. When a user attempts to access a system resource, the access token is provided to Windows, which then checks the access control list on the object the user tries to access. Once a user is permitted to access the target, Windows will assign the user the appropriate access privileges.

The security identifier is one of the basic building blocks of the Windows security model and needs to work with specific components of the security infrastructure of the Windows Server operating system. With the help of SIDs, the system can protect access to network resources and secure the system environment.

Where Is Security Identifier

The SID is stored in the Windows registry, and you can find the user's SID by opening a command prompt and entering the correct command exactly as instructed below.

wmic useraccount get name,sid

find security identifier

If you only want to get the SID of a specific user, enter this command:

wmic useraccount where name="USER" get sid

find a specific user sid

How Does SID Work

SID maintains the security of Windows, and it helps the system authenticate. Since each SID marks a unique account or group, Windows can easily identify every account. Even if the account name of that user changes, the SID never changes.

The domain controller also gives the computer a SID when it enters the domain, which is also used for authentication. This also means that SIDs generated in one domain will never match those generated in others.

The Structure of Security Identifier

The security identifier is structured as data in binary format and in a string format for easy reading, which contains a variable number of values. The logical structure of the SID composition is shown in the following figure:

the structure of sid

  • Revision is the version of the structure used by the particular SID and needs to be initialized to 0x01.
  • IdentifierAuthority is the highest authority level given to the SID by a specific subject.
  • SubAuthority is a component of the SID domain that holds the most important information. Subauthorities of the SID are identified by a 32-bit subauthority value, but each SID can contain up to 15 subauthorities.
  • SubAuthorityCount is the number of sub-authorities in the SID.

And the basic syntax rules for SIDs are as follows:

  • SID is a string consisting of a number and a hyphen
  • All SID strings start with the letter S
  • SID consists of four parts: revision level, identifier authority, domain identifier, relative identifier
  • Each part of the SID is separated by a hyphen


Although a security identifier is just a string starting with the letter S, it is an integral part of securing your Windows system environment. After reading this post, you can have your own understanding of what a security identifier is. 

To learn more about the computer system, you can read the following posts:

Was This Page Helpful?


Updated by Rel

Rel has always maintained a strong curiosity about the computer field and is committed to the research of the most efficient and practical computer problem solutions.

Read full bio