The principle of granting each user or process only the access rights it needs to do its job, and no more.
Least privilege limits every account, role, and process to the minimum permissions required for its task. By keeping access narrow, it reduces the harm that can result from mistakes, compromised credentials, or insider misuse.
In practice it means avoiding broad administrative rights, reviewing access regularly, and removing permissions promptly when they are no longer needed.
Related frameworks
KaitoSec