Dwell time has two distinct meanings in cybersecurity, one related to cyberattacks and the other related to identity authentication.
In cybersecurity generally, dwell time is a measure of the time period between an attacker's first illicit access to an information system and the moment at which this access is detected. During this time period, they are said to "dwell" within the system.
Dwell time can be reduced by increasing visibility, improving analytics, employing security-related automation, and employing strategies like continuous authentication and zero trust to limit or flag suspicious behaviors and prevent privilege creep.
In behavioral biometrics, dwell time is is a measure of the duration of a keypress. Dwell time is one of the signals used in keyboard dynamics in particular, to recognize a particular individual's typing characteristics.