Can anyone direct me to a good article discussing the advantages / disadvantages of using a table with userid / password fields in a database vs. authenticating based on the group a windows user id belongs to?<BR>I&#039;ve checked out the security section but nothing jumped out at me. <BR>My application also tracks the level of authentication... eg) admins can delete and add, regular users can only add, and read only users can only see the data. <BR>