Unauthorized credential use
Unauthorized credential use is a major attack vector.
Attackers gain credentials through phishing, buying exposed credentials on the dark web, or other means. This term can also be used in reference to credential sharing and credential misuse, where multiple employees use a single license, obscuring definite accountability for actions taken. See credential compromise.