Security Overview > Login Security
  
Login Security
The following types of security are enforced at login:
Login security determines whether a user can log in to an application session based on their user ID and password. This level of security is always active, although how it is implemented depends on settings in Security Control.
For example, system administrators can choose to allow valid users to log in to the QAD application based on operating system-level access. See OS-Based Login Security for details.
Note: You also should consider additional access security options at the operating-system and Progress levels. See Operating System and Progress Security for details.
Domain/entity security limits individual user access to the domains and entities identified in User Domain/Entity Access Maintain (36.3.4). If using the .NET UI, users can open other workspaces in order to access domains and entities for which they are authorized.
These two types of security are closely related and work together to ensure that users can only access the business areas that they have been authorized.