A dormant account is an account that remains active but has not been used for a significant period of time. It matters because unused accounts often retain permissions without drawing attention from owners or defenders.
What is Dormant Account?
Dormant accounts may belong to former employees, paused contractors, seasonal staff, backup administrators, or service processes that are no longer needed. Even if not actively abused, they increase the attack surface and can complicate incident response.
What Dormant Account Commonly Supports
Common controls include inactivity thresholds, suspension, owner confirmation, review workflows, and eventual removal where appropriate.
Dormant Account vs. Orphaned Account
A dormant account is inactive for a long time. An orphaned account specifically lacks clear ownership or stewardship. Some accounts can be both.
Frequently Asked Questions
Why are dormant accounts risky?
Because they create low-visibility access paths that may still hold significant privilege.
Should every dormant account be deleted immediately?
Not always. Some need staged review or temporary disablement first, depending on business use and dependency risk.
