Check or Attack Name: Dormant Account

The user has not logged in for the amount of time specified by your policy. User accounts that are dormant can be exploited by an attacker, and should be removed if the account is no longer needed.

Disable the account if it is not needed. To disable an account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Select the user from the list.
3. From the User menu, select Properties to display the User Properties dialog box.
4. Select the Account Disabled check box.
5. Click OK.

Remove the account if it is not needed. To remove an account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Select the user account to be removed.
3. Press Delete and confirm the delete action.