If you just want to use Windows SSO as authentication method, omit the USERID and PASSWORD columns. If you want to mix USERID/PASSWORD logins with SSO access, put an asterisk in the USERID & PASSWORD fields for every user that has to be able to log in via SSO. Those users will need an NTNAME entry for sure.
BTW don't forget to create a Section Access; area in your load script that performs a LOAD of the data from your specific QMC table. There is no automatically applicable security with data reduction in QlikView.