Principle of Least Privilege
A security principle holding that any user, system, or process should have only the minimum permissions necessary to perform its function, limiting the blast radius of any compromise.
Also known as: least privilege access, minimal privilege, PoLP
Last reviewed: 10 June 2026
The principle of least privilege limits the potential damage from any single security failure. An employee who needs to read financial reports does not need the ability to modify them; a web application that needs to read a database table does not need to write to or delete from it. By granting only the permissions actually required, organisations ensure that a compromised account, device, or application can only affect the narrow scope it was permitted to touch.
In practice, violations of least privilege are extremely common: default configurations grant excessive permissions, convenience drives over-privileged service accounts, and access is rarely reviewed after it is granted. When attackers breach a privileged account or exploit an over-permissioned application, these oversights allow them to move laterally across systems and cause far greater harm than a narrowly scoped account would have allowed.
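An access review of the kind described above, as an added example that is not part of the original entry: it compares the permissions each account was granted with the permissions it actually exercised in an audit log, and lists what can be revoked or narrowed. The account names, permission strings and log format are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample data: permissions granted to each principal (hypothetical names).
GRANTS = {
    "svc-reporting": {"db:finance.reports:SELECT", "db:finance.reports:UPDATE",
                      "db:finance.reports:DELETE"},
    "svc-backup": {"storage:*"},            # wildcard grant, broader than any one task
    "alice": {"db:finance.reports:SELECT"},
}

# Constructed audit log: timestamp, principal, permission exercised.
AUDIT_LOG = """\
2026-05-02T09:14:07Z svc-reporting db:finance.reports:SELECT
2026-05-02T09:15:41Z alice db:finance.reports:SELECT
2026-05-03T01:00:00Z svc-backup storage:backups:PutObject
malformed line without fields
2026-05-09T09:14:02Z svc-reporting db:finance.reports:SELECT
"""

LINE = re.compile(r"^\d{4}-\d{2}-\d{2}T\S+Z\s+(\S+)\s+(\S+)$")

def parse_usage(log_text):
    """Map each principal to the set of permissions it exercised; skip bad lines."""
    used = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m:
            used[m.group(1)].add(m.group(2))
    return used

def review(grants, used):
    """Return, per principal, grants never exercised and wildcards to narrow."""
    findings = {}
    for principal, perms in sorted(grants.items()):
        exercised = used.get(principal, set())
        wildcards = sorted(p for p in perms if p.endswith("*"))
        unused = sorted(p for p in perms
                        if not p.endswith("*") and p not in exercised)
        # Specific permissions seen in the log that could replace each wildcard.
        narrow_to = sorted(e for w in wildcards for e in exercised
                           if e.startswith(w[:-1]))
        if unused or wildcards:
            findings[principal] = {"revoke": unused, "wildcards": wildcards,
                                   "narrow_to": narrow_to}
    return findings

if __name__ == "__main__":
    for who, f in review(GRANTS, parse_usage(AUDIT_LOG)).items():
        print(who, f)
```

The log window has to be long enough to cover infrequent but legitimate tasks, otherwise a permission used once a quarter shows up as unused.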
For consumers, least privilege manifests in the permissions they grant to mobile apps and services: location access, contact lists, camera, microphone. Granting only the permissions an app genuinely needs for its function limits the damage if the app is malicious or breached. Reviewing and revoking unnecessary app permissions periodically is the consumer equivalent of a corporate access review.