Privilege creep is the gradual buildup of permissions that are no longer needed as a person’s role changes. It usually happens when users move teams, temporary access is never revoked, or old project rights are left in place because cleanup is slow. Over time, an account can end up with far more access than its current job requires.
This matters because excessive permissions increase attack surface and make incidents worse. If an attacker steals a bloated account, they may inherit access to systems, data, or admin functions that should have been removed. Defenders reduce privilege creep with least-privilege design, periodic access reviews, joiner-mover-leaver workflows, and rapid revocation of stale entitlements. In practice, privilege creep is a common sign that identity governance is working as an onboarding process but not as an ongoing control.
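The access review and mover workflow described above can be reduced to a simple comparison: what an account currently holds versus what its current role actually requires, plus any temporary grants that were never revoked. The following Python is an added example written for this page, not code from any identity product; the role names, entitlement strings, and the `Grant`/`Account` records are constructed sample data.

```python
"""Stale-entitlement review: flag permissions an account holds beyond its
current role's baseline, and temporary grants that have expired or were
never given an expiry. Constructed example data throughout."""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Set

# Hypothetical per-role baselines: the minimum each role needs to do its job.
ROLE_BASELINE: Dict[str, Set[str]] = {
    "support-engineer": {"ticketing:read", "ticketing:write", "kb:read"},
    "sre": {"prod-ssh", "metrics:admin", "ticketing:read"},
    "finance-analyst": {"ledger:read", "reports:read"},
}

# Date on which the review runs (constructed).
REVIEW_DATE = date(2024, 6, 1)


@dataclass
class Grant:
    entitlement: str
    granted_on: date
    reason: str                         # "role", "project" or "temporary"
    expires_on: Optional[date] = None   # only temporary grants should carry an expiry


@dataclass
class Account:
    user: str
    current_role: str
    grants: List[Grant] = field(default_factory=list)


def review_account(account: Account, baseline: Dict[str, Set[str]], today: date) -> Dict[str, List[str]]:
    """Return findings for one account, each list sorted for stable output:
    - outside_baseline: entitlements the current role does not require
    - expired_temporary: temporary grants whose expiry date has passed
    - missing_expiry:    temporary grants that were never given an expiry
    """
    required = baseline.get(account.current_role, set())
    findings: Dict[str, List[str]] = {
        "outside_baseline": [], "expired_temporary": [], "missing_expiry": []
    }
    for g in account.grants:
        if g.entitlement not in required:
            findings["outside_baseline"].append(g.entitlement)
        if g.reason == "temporary":
            if g.expires_on is None:
                findings["missing_expiry"].append(g.entitlement)
            elif g.expires_on < today:
                findings["expired_temporary"].append(g.entitlement)
    for key in findings:
        findings[key].sort()
    return findings


def mover_revocations(old_role: str, new_role: str, baseline: Dict[str, Set[str]]) -> List[str]:
    """Entitlements a role transfer should revoke: in the old baseline, absent from the new one."""
    return sorted(baseline.get(old_role, set()) - baseline.get(new_role, set()))


# Constructed account: moved from SRE to support, but cleanup never happened.
SAMPLE_ACCOUNT = Account(
    user="jdoe",
    current_role="support-engineer",
    grants=[
        Grant("ticketing:read", date(2023, 1, 10), "role"),
        Grant("ticketing:write", date(2023, 1, 10), "role"),
        Grant("kb:read", date(2023, 1, 10), "role"),
        Grant("prod-ssh", date(2021, 6, 1), "role"),                          # leftover from SRE role
        Grant("ledger:read", date(2024, 2, 1), "temporary", date(2024, 3, 1)),  # audit help, expired
        Grant("metrics:admin", date(2022, 9, 15), "temporary"),               # no expiry ever set
    ],
)

if __name__ == "__main__":
    result = review_account(SAMPLE_ACCOUNT, ROLE_BASELINE, REVIEW_DATE)
    for finding, items in result.items():
        print(f"{SAMPLE_ACCOUNT.user} {finding}: {items}")
    print("revoke on transfer sre -> support-engineer:",
          mover_revocations("sre", "support-engineer", ROLE_BASELINE))
```

Run against the sample account, the review flags `prod-ssh`, `metrics:admin` and `ledger:read` as outside the support-engineer baseline, `ledger:read` as an expired temporary grant, and `metrics:admin` as a temporary grant with no expiry. The `mover_revocations` helper is the piece a joiner-mover-leaver workflow would call at transfer time, so that the role change itself triggers revocation rather than waiting for the next periodic review.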