AI agents make machine access a bigger security issue

Passwordless login has reduced the problem of stolen human passwords, but many system logins now come from things that are not people. s, API keys, and cloud workloads, and all connect to systems and act continuously. are said to outnumber human identities by 144 to 1.

In 2025, 28.65 million leaked into public code, and 80% of companies said their had already done things they were not cleared to do. The riskiest access may now come from apps and machines that are not being watched closely enough.

Key points

  • Passwordless login helps with stolen human passwords, but it does not solve machine access risk.
  • are said to outnumber human identities by 144 to 1.
  • s, API keys, workloads, cloud workloads, and are key sources of non-human access.
  • In 2025, 28.65 million leaked into public code.
  • 80% of companies said their had taken actions they were not cleared to take.
Read original