What Is an SID Number?

Definition of SID (Security Identifier)

Illustration of a laptop with the 'who are you?' written on the screen
Thinkstock by Getty Images

An SID, short for security identifier, is a number used to identify user, group, and computer accounts in Windows.

SIDs are created when the account is first created in Windows and no two SIDs on a computer are ever the same.

The term security ID is sometimes used in place of SID or security identifier.

Why Does Windows Use SIDs?

Users (you and me) refer to accounts by the account's name, like "Tim" or "Dad", but Windows uses the SID when dealing with accounts internally.

If Windows referred to a common name like we do, instead of a SID, then everything associated with that name would become void or inaccessible if the name were changed in any way.

So instead of making it impossible to change the name of your account, the user account is instead tied to an unchangeable string (the SID), which allows the username to change without affecting any of the user's settings.

While a username can be changed as many times you like, you're unable to change the SID that's associated with an account without having to manually update all of the security settings that were associated with that user to rebuild its identity.

Decoding SID Numbers in Windows

All SIDs start with S-1-5-21 but will otherwise be unique. See How to Find a User's Security Identifier (SID) in Windows for a full tutorial on matching users with their SIDs.

A few SIDs can be decoded without the instructions I linked to above. For example, the SID for the Administrator account in Windows always ends in 500. The SID for the Guest account always ends in 501.

You'll also find SIDs on every installation of Windows which correspond to certain built-in accounts.

For example, the S-1-5-18 SID can be found in any copy of Windows you come across and corresponds to the LocalSystem account, the system account that's loaded in Windows before a user logs on.

Here's an example of a user SID: S-1-5-21-1180699209-877415012-3182924384-1004. That SID is the one for my account on my home computer - yours will be different.

The following are a few examples of the string values for groups and special users that are universal across all Windows installs:

  • S-1-0-0 (Null SID): Assigned when the SID value is unknown, or for a group without any members
  • S-1-1-0 (World): This is a group of every user
  • S-1-2-0 (Local): This SID is assigned to users who log on to a local terminal

More on SID Numbers

While most discussions about SIDs occurs in the context of advanced security, most mentions here on my site revolve around the Windows Registry and how user configuration data is stored in certain registry keys that are named the same as a user's SID. So in that respect, the above summary is probably all you need to know about SIDs.

However, if you are more than casually interested in security identifiers, Wikipedia has an extensive discussion of SIDs and Microsoft has a full explanation here.

Both resources have information about what the various sections of the SID actually mean and list well-known security identifiers like the S-1-5-18 SID I mentioned above.