An organization recently updated its identity solution. A specialized microservice that handles real-time analytics has started encountering authentication lockouts whenever it connects with its designated identity. Which measure best addresses these repeated lockouts?
Require the account to confirm access through a biometric factor each time
Adopt short-lived tokens that are frequently retrieved from a central token vault
Deactivate the specialized identity and rely on a regular user account with a password
Use a shared account that all operators can log in with on a rotating schedule
Using short-lived tokens from a central vault ensures the specialized service account always authenticates with fresh, valid credentials. This prevents lockouts from stale passwords and supports secure automation. Alternatives like shared accounts, manual user credentials, or biometrics are either insecure or impractical for non-interactive services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a short-lived token?
Open an interactive chat with Bash
What is a central token vault, and how does it work?
Open an interactive chat with Bash
Why are shared accounts not recommended for specialized services?