Stale Account

governance

User account that has not been used for an extended period, typically 90 days or more.

See your drift in 5 minutesRun a free baseline scan

Free baseline scan · No credit card · 5 minute setup

What is Stale Account?

Stale accounts represent security risk because they may belong to former employees, contractors, or forgotten service accounts. These accounts can be compromised and used by attackers without anyone noticing the unusual activity. Regular identification and remediation of stale accounts reduces the attack surface.

In Microsoft 365

Azure AD sign-in logs track last sign-in date. Users who have not signed in for 90+ days can be identified through reporting or Microsoft Graph queries. Stale accounts should be disabled or deleted after verification with the HR system or account owner.

Examples

1Former employee account still enabled
2Contractor account from completed project
3Test account never cleaned up

Related TrueConfig Controls

These controls help implement and verify stale account in your Microsoft 365 environment.

GOV-01Review Stale User Accounts GOV-02Automatically Disable Stale Accounts

Frequently Asked Questions

What is Stale Account?▼

User account that has not been used for an extended period, typically 90 days or more.

How does Stale Account work in Microsoft 365?▼

What are examples of Stale Account?▼

Examples of Stale Account include: Former employee account still enabled, Contractor account from completed project, Test account never cleaned up.

Which TrueConfig controls relate to Stale Account?▼

TrueConfig controls related to Stale Account include: GOV-01, GOV-02. These controls help implement and verify stale account in your environment.

Related Terms

Access Review

Periodic evaluation of user access rights to ensure appropriate access and remove unnecessary permissions.

← Back to Glossary Browse Controls →