One of the most important considerations when configuring a Web site is how the site will be secured. For example, most Web sites allow anonymous access by default, allowing any users to connect without the need to be authenticated. However, IIS does allow you to disable anonymous authentication and require that users supply a user name and password when attempting to access your site. To change the authentication settings for your Web site, click the Directory Security tab and click the Edit button in the Anonymous access and authentication control section. This will open the Authentication Methods dialog box. To disable anonymous access, uncheck the checkbox, and then check the Basic authentication checkbox. This will force connecting users to provide a username and password when connecting. To create these user accounts, simply use the User Accounts applet in Control Panel, as if you were creating a normal local user account.