Training Camp • Cybersecurity Glossary
Token Theft Definition: Token theft is stealing session cookies or OAuth tokens to impersonate a user and bypass passwords and MFA, often via pass-the-cookie attacks.
Token theft is the capture and reuse of authentication artifacts, such as session cookies, OAuth refresh tokens, or bearer tokens, allowing an attacker to impersonate a user without knowing their password or completing MFA. Techniques include pass-the-cookie attacks, infostealer malware, and adversary-in-the-middle phishing that intercepts post-authentication tokens. Mitigations include token binding, short token lifetimes, conditional access, and phishing-resistant authentication.