If a user leaves your organization, has their password compromised, or poses some other security risk, you can make their account inactive to disable it. When you disable a user account, the user can no longer log into the application.