What is a SID (Security ID)?
SID stands for Security Identifier and is used within NT/2000 as a value to
uniquely identify an object such as a user or a group. The SID assigned to a
user becomes part of the access token, which is then attached to any action
attempted or process executed by that user or group. If a duplicate SID did
exist then all users with this SID would authenticate as what would be seen as
the same user. It is possible for cloned machines to have the same SID, which
would be seen by the authentication mechanism as the same machine. The SID under
normal operation will be unique and will identify an individual object such as a
user, group or a machine.
A SID contains:
- User and group security descriptors
- 48-bit ID authority
- Revision level
- Variable sub-authority values
Windows Privacy Tools - http//www.privacywindows.com