Best practices for inactive accounts

What's the danger of an inactive account?

Inactive accounts or accounts that have never logged in to a machine are also known as “stale” user accounts. Stale accounts pose a security risk to organizations. Each one of these accounts offers a malicious actor an opportunity to gain access to resources.

Which of the following are best practices for disabling unused user accounts?

Active Directory features are the best bet for manually disabling and deleting unused accounts, but they are effective only when the AD environment is small.

How quickly must inactive accounts be removed or disabled?

The STIG stipulates that all accounts are to be disabled after 30 days of inactivity/no access.
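An added example, not part of the original page: a Python check that applies the 30-day limit above to exported directory records, flagging both inactive and never-logged-in accounts. The record layout, sample accounts and function names are assumptions constructed for illustration; the attribute names follow Active Directory's `lastLogonTimestamp`, `whenCreated` and `userAccountControl`.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
ACCOUNTDISABLE = 0x0002             # userAccountControl bit: already disabled
MAX_INACTIVE = timedelta(days=30)   # the 30-day limit quoted above

def filetime_to_dt(ft):
    """Windows FILETIME (100 ns ticks since 1601-01-01 UTC) -> datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)

def dt_to_filetime(dt):
    """Inverse of filetime_to_dt, used here to build the sample records."""
    return (dt - FILETIME_EPOCH) // timedelta(microseconds=1) * 10

def classify(account, now):
    """Return 'disabled', 'active', 'stale' or 'never_logged_on'."""
    if account["userAccountControl"] & ACCOUNTDISABLE:
        return "disabled"
    last = account.get("lastLogonTimestamp") or 0
    if last:
        baseline, label = filetime_to_dt(last), "stale"
    else:
        # Assumption: age a never-used account from its creation date.
        baseline, label = account["whenCreated"], "never_logged_on"
    return label if now - baseline > MAX_INACTIVE else "active"

def accounts_to_disable(accounts, now):
    """Names of enabled accounts that exceed the inactivity limit."""
    return sorted(a["sAMAccountName"] for a in accounts
                  if classify(a, now) in ("stale", "never_logged_on"))

# Constructed sample data (not from any real directory).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

def sample_account(name, uac, created_days_ago, logon_days_ago=None):
    logon = 0 if logon_days_ago is None else dt_to_filetime(
        NOW - timedelta(days=logon_days_ago))
    return {"sAMAccountName": name, "userAccountControl": uac,
            "whenCreated": NOW - timedelta(days=created_days_ago),
            "lastLogonTimestamp": logon}

SAMPLE = [
    sample_account("alice", 0x200, 400, logon_days_ago=5),    # active
    sample_account("bob", 0x200, 400, logon_days_ago=45),     # stale
    sample_account("svc_backup", 0x200, 200),                 # never logged on
    sample_account("newhire", 0x200, 3),                      # new, within limit
    sample_account("carol", 0x202, 400, logon_days_ago=90),   # already disabled
]
print("disable:", accounts_to_disable(SAMPLE, NOW))
```

`lastLogonTimestamp` is replicated between domain controllers, but by default it can lag the true last logon by up to about 14 days, which is tolerable for a 30-day threshold.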

Do companies delete inactive accounts?

No. It has no concept of an “inactive” account. An account will only be deleted if the owner does so explicitly. EDIT: this is no longer true.
