User Management Task: Reviewing Dormant or Expired Accounts

Goal

Identify and clean up unused accounts that may pose security risks.

Review Last Login

lastlog | grep -v 'Never'

Check for Inactive Users

chage -l username

Disable Expired or Inactive Accounts

usermod -L username
chage -E 0 username

Best Practices

• Schedule review every quarter
• Tag service accounts clearly

Tools

• lastlog, chage, usermod, passwd -S