How to Change the Security Identifier (SID)?

What is the Security Identifier (SID)?

A security identifier (SID) is a unique value of variable length used to identify a trustee. Each account has a unique SID issued by an authority, such as a Windows domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group.

How to change the SID?

In a WORKGROUP of computers running Windows, it is possible for a user to have unexpected access to shared files or files stored on removable storage. This can be prevented by setting access control lists on a susceptible file, such that the effective permissions are determined by the user SID. If this user SID is duplicated on another computer, a user of a second computer having the same SID could have access to the files that the user of a first computer has protected. This can often happen when machine SIDs are duplicated by a disk clone, common for pirate copies. The user SIDs are built based on the machine SID and a sequential relative ID.

To prevent duplicate SIDs, the only method supported on Windows operating systems is SysPrep, the built-in Windows tool, which generates new SIDs. The following short steps show how to change the SID safely.

Check the current SID by running the following command in PowerShell, so that you can compare it after the change.

>whoami /all

Open Windows Explorer, go to C:\Windows\System32\Sysprep, and run sysprep.exe.

Tick the checkbox Generalize, then click OK to proceed with the change.

Sysprep is now working. It will require a machine restart, after which the settings must be configured again.

Restart your machine and go through the settings again as Windows recommends.

Once done, run the command whoami /all again to double-check the change. The SID will have changed to a different one.
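The before-and-after check above can be scripted instead of compared by eye. The following is an added example, not part of the original article: it records the machine SID and the relative ID (RID) of each local account before Sysprep, then compares them afterwards. The script name Compare-Sid.ps1 and the snapshot path are assumptions, and the snapshot file is assumed to still be present after the restart.

```powershell
# Compare-Sid.ps1 (hypothetical name). Added example, not the article's own code.
# Run with -Mode Save before Sysprep and with -Mode Compare after the restart.
param(
    [ValidateSet('Save', 'Compare')]
    [string]$Mode = 'Save',
    [string]$SnapshotPath = "$env:PUBLIC\sid-before.json"   # assumed location
)

function Get-SidSnapshot {
    # A local account SID has the form <machine SID>-<RID>.
    $accounts = Get-LocalUser | ForEach-Object {
        [pscustomobject]@{
            Name       = $_.Name
            Sid        = $_.SID.Value
            MachineSid = $_.SID.AccountDomainSid.Value
            Rid        = [uint32](($_.SID.Value -split '-')[-1])
        }
    }
    [pscustomobject]@{
        Computer   = $env:COMPUTERNAME
        MachineSid = ($accounts | Select-Object -First 1).MachineSid
        Accounts   = @($accounts)
    }
}

$current = Get-SidSnapshot

if ($Mode -eq 'Save') {
    $current | ConvertTo-Json -Depth 3 | Set-Content -Path $SnapshotPath -Encoding UTF8
    "Saved machine SID $($current.MachineSid) to $SnapshotPath"
}
else {
    $before = Get-Content -Path $SnapshotPath -Raw | ConvertFrom-Json
    if ($before.MachineSid -eq $current.MachineSid) {
        Write-Warning "Machine SID is unchanged: $($current.MachineSid)"
    }
    else {
        "Machine SID changed: $($before.MachineSid) -> $($current.MachineSid)"
    }
    # Pair accounts by RID to show each old user SID next to its new one.
    foreach ($acct in $current.Accounts) {
        $old = $before.Accounts | Where-Object { $_.Rid -eq $acct.Rid }
        if ($old) { "{0}: {1} -> {2}" -f $acct.Name, $old.Sid, $acct.Sid }
    }
}
```

Get-LocalUser reads only local accounts, so the machine SID reported here is the local one even when the logged-on user is a domain account.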

That’s it. Now your machine has a unique SID. Hope it helps.

