A workgroup is a peer-to-peer network where each computer manages its own security and user accounts locally. There's no centralized authentication, and each machine maintains its own user database. Workgroups are suitable for small networks (typically under 20 computers).
A domain is a centralized network where a domain controller manages authentication, security policies, and user accounts. All computers in the domain trust the domain controller for authentication. Domains provide centralized management, better security, and scalability for larger organizations.
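To see which of the two models a given Windows host uses, the following added example (not part of the original text) reads the membership state from `Win32_ComputerSystem` and lists the enabled accounts in the machine's own user database. It assumes Windows PowerShell 5.1 or later with the built-in CIM and LocalAccounts cmdlets; the function name `Get-AuthModel` is hypothetical.

```powershell
# Added example: report whether this host authenticates locally (workgroup)
# or against a domain controller (domain). Get-AuthModel is a hypothetical name.
function Get-AuthModel {
    [CmdletBinding()]
    param()

    # Win32_ComputerSystem records the host's workgroup/domain membership.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    # DomainRole values as documented for Win32_ComputerSystem.
    $roles = @{
        0 = 'Standalone workstation'
        1 = 'Member workstation'
        2 = 'Standalone server'
        3 = 'Member server'
        4 = 'Backup domain controller'
        5 = 'Primary domain controller'
    }

    # Accounts held in the machine's own user database. In a workgroup these are
    # the only accounts; on a domain member they still authenticate against the
    # local machine, not the domain controller. Domain controllers are skipped.
    $localUsers = @()
    if ($cs.DomainRole -lt 4) {
        $localUsers = @(Get-LocalUser |
            Where-Object Enabled |
            Select-Object -ExpandProperty Name)
    }

    [pscustomobject]@{
        ComputerName      = $cs.Name
        Model             = if ($cs.PartOfDomain) { 'Domain' } else { 'Workgroup' }
        Name              = if ($cs.PartOfDomain) { $cs.Domain } else { $cs.Workgroup }
        Role              = $roles[[int]$cs.DomainRole]
        EnabledLocalUsers = $localUsers
    }
}

Get-AuthModel | Format-List
```

Run on each machine of a small network, the output shows whether accounts have to be reviewed per host (workgroup) or centrally on the domain controller, and which local accounts remain enabled either way.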
Key differences: