An organization recently updated its identity solution. A specialized microservice that handles real-time analytics has started encountering authentication lockouts whenever it connects with its designated identity. Which measure best addresses these repeated lockouts?
Deactivate the specialized identity and rely on a regular user account with a password
Use a shared account that all operators can log in with on a rotating schedule
Adopt short-lived tokens that are frequently retrieved from a central token vault
Require the account to confirm access through a biometric factor each time
Using short-lived tokens from a central vault ensures the specialized service account always authenticates with fresh, valid credentials. This prevents lockouts from stale passwords and supports secure automation. Alternatives like shared accounts, manual user credentials, or biometrics are either insecure or impractical for non-interactive services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are short-lived tokens, and why are they used in authentication?
Open an interactive chat with Bash
What is a central token vault, and how does it enhance security?
Open an interactive chat with Bash
Why are traditional passwords unsuitable for specialized microservices?