You have a lot of duplicate data being stored. Consider this alternative:
person
------
id
login
password
firstname
lastname
email
boss
----
id
person_id
employee
--------
id
person_id
I can store the exact same information using this structure as you can in yours, but each 'person' will only have a single firstname/lastname, email address, login and password. You should only store in the boss / employee tables information that is relevant to only that entity. A boss for instance might have a security_code
field whereas a regular employee wouldn't.
You shouldn't try to keep id primary keys between two different tables to match up (i.e., boss id doesn't need to match person id). Instead, add the person_id foreign key so that if you have a boss record you can easily lookup their information in the person table from that.