# Manage Users
_Register users on your TWiki site; change/reset/install passwords; remove user accounts_
## Authentication and Access Control
- [[TWikiUserAuthentication]] describes options of user authentication
- [[TWikiAccessControl]] describes how to define groups and how to restrict access to content
## Register User
It is not necessary to have user home pages in the TWiki system for Authentication to work - see [[TWikiUserAuthentication]] for details.
- [[TWikiRegistration]] is for users to fill out a form
- [[NewUserTemplate]] can be changed to customize user home pages, it can optionally use the [[UserForm]] to define user fields as meta data
- [[BulkRegistration]] is for administrators to use to set up one or more accounts: either from a table or from an external file
## Change, Reset and Install Passwords
- [[ChangePassword]] is for users who can remember their password and want to change it
- [[ResetPassword]] is for users who cannot remember their password; a system generated password is e-mailed to them
- [[BulkResetPassword]] if for administrators who want to reset many passwords at once
## Removing User Accounts
To remove a user account (FredQuimby, who logs in as "fred"):
1. If you are using a `.htpasswd` file, edit the `.htpasswd` file to delete the line starting `fred:`
2. Remove the `FredQuimby - fred` line from the Main.TWikiUsers topic
3. Remove `FredQuimby` from all groups and from all the `ALLOWWEB/ALLOWTOPIC...` declarations, if any.%BR% **_Note:_** If you fail to do this you risk creating a security hole, as the next user to register with the wikiname FredQuimby will inherit the old FredQuimby's permissions.
4. _[optional]_ Delete their user topic Main.FredQuimby.
**_Note:_** Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like [[AnUncreatedTopic]]. If you want to make it clear the user is no longer with the organization or has been banished, replace the topic content with a note to that effect. The existance of the UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions..
**_Related Topics:_** [[AdminDocumentationCategory]]