• An attack in which an attacker steals authentication tokens after all factors have been validated. These tokens, which can include cookies but also bearer tokens as well as JWTs (JSON Web Tokens), are then used to perform session hijacking.

1. More about this term (beta): articles and videos, books, web search
2. Previous term: Pascal case
3. Next term: Passkey
4. Random term: IP address (or roll the dice with webglossary.info/random)