Whenever a person or a group of persons needs to access database systems, the individual or group must first apply for a user account. The DBA will then create a new account number and password for the user if there is a legitimate need to access the database. The user must log in to the DBMS by entering the account number and password whenever database access is needed. The DBMS checks that the account number and password are valid. If they are the user is permitted to user the DBMS and to access the database. It is straightforward to keep track of database users and their accounts and passwords by creating an encrypted table or file with the two fields passwords and account number. Whenever a new account is created a new record is inserted into the table when an account is canceled, the corresponding record must be deleted from the table. The dataset system must also keep track of all operations on the database that are applied by a certain user throughout each login session, when a user logs in, the DBMS can record the users account number and associate it with the terminal from which the user logged in. all operations applied from that terminal are attributed to the users account until the user log off. If is particularly important to keep track of update operations that are applied to the database so that, if the database is tampered with, the DBA can find out which user did the tampering. If any tampering with the database is suspected a database audit is performed, which consists of reviewing the log to examine all accesses and operations applied to the database during a certain period of time. When an illegal or unauthorized operation is found, the DBA can determine the account number used to perform this operation. Database audits are particularly important for sensitive database that are update by many transactions and users, such as banking database that is update by many bank sellers. A database log that is used mainly for security purpose is sometimes called on audit trails.