Dormant accounts are active accounts no longer used by their owner — former employees, old service accounts, test accounts. Prime targets for attackers.
Regular access reviews identify dormant accounts. Automated deprovisioning reduces risk. Lock or delete accounts inactive for 90+ days. Service accounts with no recent logins may be orphaned.