For years, organizations have relied on passwords and multi-factor authentication (MFA) based on shared secrets like SMS codes and one-time passwords (OTPs) as the foundation of identity security. The rise of computer-using agents (CUAs) will accelerate attackers’ ability to automate and scale phishing and credential-stuffing attacks with minimal effort. As a result, adopting phishing-resistant credentials has shifted from best practice to a necessity. Organizations must prioritize device-bound cryptographic solutions such as FIDO2, passkeys and certificate-based authentication to secure access to SaaS applications. Likewise, SaaS providers should ensure integration with identity platforms that support phishing-resistant credentials to strengthen the overall security posture.

Password usage patterns: The root cause

Organizations increasingly rely on SaaS, with the average enterprise using 106 SaaS applications.

There is well-established research on why managing unique, complex passwords for so many apps can be overwhelming.

  • Principle of least effort: Our brains seek shortcuts to reduce cognitive load, making password reuse seem rational.
  • Security fatigue: Frequent password changes and complex rules frustrate users, pushing them toward reuse.

As a result, users often rotate between 4–10 core passwords. According to an article by Enzoic, the average person reuses the same password across as many as 14 accounts.

According to a Google-Harris Poll survey, 66% of Americans admit to reusing passwords across multiple accounts.

Even when users attempt uniqueness, the changes are typically trivial or formulaic: capitalizing the first letter, appending a number or adding a special character.

Example: Winter2025 → Winter2025!

Attackers exploit these predictable tweaks through mask attacks, systematically testing common variations. They further optimize the prediction logic by leveraging password rules exposed during SaaS sign-in processes.
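As an added example (not code from the article), here is the kind of password-change check a defender can add so that a "new" password which is only a formulaic tweak of the old one is rejected, rather than checking length and character classes alone. The substitution table, the trailing-tweak pattern and the four-character stem threshold are assumptions made for the example:

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// trailingTweaks matches the digits and punctuation users append to a stem:
// "Winter2025", "Winter2025!" and "Winter25!!" all end in such a run.
var trailingTweaks = regexp.MustCompile(`[0-9!@#$%^&*()_+=.,?-]+$`)

// leetToPlain undoes common character substitutions (P@ssw0rd -> Password).
// The table is an assumption; extend it from your own breach-corpus analysis.
var leetToPlain = strings.NewReplacer(
	"0", "o", "3", "e", "4", "a", "5", "s", "7", "t", "@", "a", "$", "s",
)

// coreOf reduces a password to the stem a mask attack would key on:
// trailing tweaks stripped, substitutions undone, case folded.
func coreOf(pw string) string {
	core := trailingTweaks.ReplaceAllString(pw, "")
	core = leetToPlain.Replace(core)
	return strings.ToLower(core)
}

// IsTrivialVariant reports whether candidate is merely a formulaic tweak of
// previous: the same stem once capitalisation, substitutions and appended
// digits or symbols are discounted, or a stem that simply embeds the old one.
func IsTrivialVariant(previous, candidate string) bool {
	oldCore, newCore := coreOf(previous), coreOf(candidate)
	if oldCore == newCore {
		return true
	}
	// "Winter2025" -> "MyWinter2025": the old stem survives intact inside the new one.
	return len(oldCore) >= 4 && strings.Contains(newCore, oldCore)
}

func main() {
	pairs := [][2]string{
		{"Winter2025", "Winter2025!"},
		{"Winter2025", "Wint3r26"},
		{"P@ssw0rd1", "Password!"},
		{"Winter2025", "correct-horse-battery"},
	}
	for _, p := range pairs {
		fmt.Printf("%-12s -> %-22s trivial variant: %v\n", p[0], p[1], IsTrivialVariant(p[0], p[1]))
	}
}
```

The check is deliberately one-directional: it only compares against the previous password (or a history of them), so it complements rather than replaces a breached-password lookup.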

What’s worse? 73% of users reuse passwords across personal and work accounts, creating a direct path for attackers to access corporate resources. If the compromised user holds privileged access, the impact can be catastrophic.

How attackers exploit these password usage patterns

Once attackers obtain credentials through common techniques such as:

  • Phishing: Fake login pages capturing usernames and passwords
  • Data breaches: Millions of credentials leaked online
  • Keyloggers: Malware recording keystrokes
  • Man-in-the-middle attacks: Intercepting traffic on public Wi-Fi
  • Social engineering: Manipulating users into revealing secrets

they weaponize these stolen credentials through credential stuffing: automatically testing them across multiple SaaS apps to gain unauthorized access.
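As an added example (not the article's own code), the following is the kind of anomaly check a SaaS provider or identity platform can run over its sign-in log to surface this pattern: one source trying many distinct accounts with a high failure rate, plus the accounts it did get into, which need a forced reset. The log format, addresses (taken from the reserved documentation ranges) and thresholds are constructed for the example:

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Constructed sample log (not real data): one stuffing source that tries six
// accounts across three apps and gets into one, a user who mistypes once, and
// an ordinary successful login.
const sampleAuthLog = `
2025-03-01T10:00:01Z app=crm src=203.0.113.7 user=alice result=fail
2025-03-01T10:00:02Z app=crm src=203.0.113.7 user=bob result=fail
2025-03-01T10:00:02Z app=hr src=203.0.113.7 user=carol result=fail
2025-03-01T10:00:03Z app=hr src=203.0.113.7 user=dave result=fail
2025-03-01T10:00:03Z app=crm src=203.0.113.7 user=erin result=success
2025-03-01T10:00:04Z app=wiki src=203.0.113.7 user=frank result=fail
2025-03-01T10:00:10Z app=crm src=198.51.100.4 user=alice result=fail
2025-03-01T10:00:15Z app=crm src=198.51.100.4 user=alice result=success
2025-03-01T10:01:00Z app=hr src=192.0.2.9 user=bob result=success
`

// Finding describes one source flagged as a stuffing origin, together with
// the accounts it actually authenticated to.
type Finding struct {
	Src           string
	DistinctUsers int
	Attempts      int
	FailRatio     float64
	Succeeded     []string // accounts to force-reset and investigate
}

type sourceStats struct {
	attempts, failures int
	users, succeeded   map[string]bool
}

// parseLine turns "k=v k=v ..." into a map; the leading timestamp has no "="
// and is skipped.
func parseLine(line string) map[string]string {
	fields := map[string]string{}
	for _, tok := range strings.Fields(line) {
		if kv := strings.SplitN(tok, "=", 2); len(kv) == 2 {
			fields[kv[0]] = kv[1]
		}
	}
	return fields
}

// DetectStuffing flags sources that tried at least minUsers distinct accounts
// with a failure ratio of at least minFailRatio. A single user mistyping a
// password fails the distinct-user test, so it is not flagged.
func DetectStuffing(authLog string, minUsers int, minFailRatio float64) []Finding {
	stats := map[string]*sourceStats{}
	for _, line := range strings.Split(strings.TrimSpace(authLog), "\n") {
		f := parseLine(line)
		src := f["src"]
		if src == "" {
			continue
		}
		s := stats[src]
		if s == nil {
			s = &sourceStats{users: map[string]bool{}, succeeded: map[string]bool{}}
			stats[src] = s
		}
		s.attempts++
		s.users[f["user"]] = true
		if f["result"] == "fail" {
			s.failures++
		} else {
			s.succeeded[f["user"]] = true
		}
	}
	var findings []Finding
	for src, s := range stats {
		ratio := float64(s.failures) / float64(s.attempts)
		if len(s.users) < minUsers || ratio < minFailRatio {
			continue
		}
		var ok []string
		for u := range s.succeeded {
			ok = append(ok, u)
		}
		sort.Strings(ok)
		findings = append(findings, Finding{Src: src, DistinctUsers: len(s.users), Attempts: s.attempts, FailRatio: ratio, Succeeded: ok})
	}
	sort.Slice(findings, func(i, j int) bool { return findings[i].Src < findings[j].Src })
	return findings
}

func main() {
	for _, f := range DetectStuffing(sampleAuthLog, 5, 0.8) {
		fmt.Printf("src=%s distinct_users=%d attempts=%d fail_ratio=%.2f compromised=%v\n",
			f.Src, f.DistinctUsers, f.Attempts, f.FailRatio, f.Succeeded)
	}
}
```

In production the aggregation would run over a sliding time window and also key on device fingerprint or ASN, since a distributed campaign spreads attempts across many addresses; the per-source version above is the simplest form of the alert the next section refers to.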

Evolution of credential stuffing

Manual login attempts

This legacy approach involved attackers manually testing stolen usernames and passwords across multiple SaaS applications.

Limitations:

  • Time-consuming and labor-intensive.
  • High likelihood of triggering anomaly alerts from one or more SaaS applications, giving users time to respond before attackers can complete credential stuffing across their targeted app list.

Bot-based automation

To scale attacks, attackers began using bots to mimic clicks on login pages or call APIs exposed by SaaS apps where available. Over time, these bots have also evolved to bypass anti-automation defenses such as IP denylists, rate limiting, CAPTCHAs and bot-behavior detection set in place by SaaS applications. However, challenges remain:

  • Bots and scripts are often app-specific and require constant updates as SaaS apps change UI elements.
  • They demand coding expertise, custom configurations and sometimes API access.
  • Not all bots can bypass every anti-automation measure, forcing attackers to select specific bots for each SaaS app based on its defenses.

In summary, because web identities are implemented in bespoke ways across thousands of SaaS apps, and because SaaS apps also frequently change their UI, scaling a credential stuffing attack is hard. Widespread bot protections complicate it further.

Enter CUAs

Computer-using agents are AI-driven systems that interact with computers and applications through their user interfaces — just like a human would. They are powered by vision-language models (VLMs) and large language models (LLMs), enabling them to combine perception, reasoning, and action planning:

  • Perception: Observe screens via pixel data or screenshots to interpret what’s displayed.
  • Understanding: Recognize and interpret UI elements—buttons, text fields, menus—just like a human.
  • Action: Perform clicks, typing, scrolling and navigation autonomously across apps and websites.

CUAs can outperform bots and scale credential stuffing attacks

When leveraged by attackers, the capabilities of CUAs make them far more effective than traditional bots or automation tools in credential abuse campaigns:

Human-like interaction

Unlike traditional bots or scripts that depend on SaaS app APIs or require custom automation for each app, CUAs interact directly with the same user interface humans use — removing the need for APIs or custom code. This human-like approach enabled by CUAs allows attackers to significantly expand the range of SaaS applications they can target for credential stuffing.

Natural language tasking

CUAs can be instructed using plain language commands, eliminating the need for coding skills or technical expertise. This dramatically lowers the barrier to entry for attackers.

Dynamic adaptability

Unlike bots that fail or require constant modification whenever identity-related UI elements change, CUAs perceive pixels, infer elements and adjust workflows on the fly. This dynamic adaptability allows them to seamlessly handle evolving layouts and operate across diverse platforms, significantly reducing complexity.

Adaptive learning

Unlike bots, CUAs learn from failed attempts, optimizing attack sequences and bypassing new defenses.

Resilience against anti-bot defenses

CUAs use full browser stacks and human-like interaction patterns, including realistic click and typing cadence. These behaviors allow them to bypass common defenses such as CAPTCHA and behavioral analytics.

Parallel execution at scale

CUAs perform tasks at machine speed and in parallel, allowing attackers to launch thousands of credential stuffing attempts simultaneously — orders of magnitude faster than manual attacks.

How CUAs can transform social engineering and phishing attacks

These same CUA capabilities also allow attackers to take social engineering and phishing to an entirely new level. CUAs redefine how and where phishing occurs, shifting from email to social platforms and collaboration tools, where enterprise anti-phishing controls are usually absent or less effective. Using natural language, an attacker can instruct a CUA to create accounts on social platforms, post messages, build credibility and then exploit that trust to deliver phishing links aimed at stealing credentials.

Beyond broad engagement, when targeting a particular user, CUAs can leverage AI to scrape user information from various social platforms and then use it for crafting highly personalized messages that establish rapport and serve as phishing lures, ultimately redirecting the victim to malicious sites.

The recommended shift to phishing-resistant credentials

To defend against these sophisticated attacks, organizations are encouraged by cybersecurity agencies like CISA to implement phishing-resistant credentials, such as passkeys (FIDO2) and public key infrastructure-based credentials.

FIDO2/Passkeys

FIDO2 security keys: These are physical devices, often portable, that a user connects via USB, near-field communication (NFC) or Bluetooth to perform authentication. They contain a user’s private key and use a cryptographic signature to securely authenticate to a service.

Platform-based passkeys: These are FIDO credentials that can be stored on a user’s consumer devices, such as smartphones and laptops. Authentication using these passkeys requires the user to present a biometric or a PIN to unlock the device before using it.

PKI-based credentials

Certificate-based authentication/smart cards: Relies on a physical smart card that contains a digital certificate and private key. Authentication requires the card’s presence and the user presenting a PIN to unlock the private key in the card.

How these credentials resist phishing

  • No shared secrets: There are no passwords or one-time codes that can be intercepted, stolen by a phisher or reused in a replay attack.
  • Cryptographically verified: Instead of a password or one-time code, a cryptographic key pair is involved in authenticating the user; the private key is the secret, which never leaves the user’s device, and the server can verify the user’s identity without ever transmitting this secret.
  • Device-bound: The private key of the cryptographic key pair is bound to a specific physical device. Unless the attacker can sign in to the user’s device, the attacker cannot use the private key to generate the cryptographic signature.
  • Origin-bound: In the case of passkeys, the keys are cryptographically tied to a specific website or app’s domain, ensuring they can only be used for that exact service and not on a malicious or replica site.
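As an added example, not the article's code and a deliberately simplified model of a WebAuthn-style exchange rather than the real protocol, the following shows how the four properties above combine: the authenticator keeps one key pair per origin it was registered with, the server stores only public keys, and every signature covers the server's fresh challenge together with the origin the browser observed. It walks through a genuine login, a look-alike phishing page, a replayed assertion and a relayed assertion signed for the wrong origin. Origins and usernames are constructed for the example:

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Authenticator models the device-bound side: private keys never leave it.
type Authenticator struct {
	keys map[string]ed25519.PrivateKey // origin -> private key, never exported
}

// Register creates a credential bound to origin; only the public key leaves the device.
func (a *Authenticator) Register(origin string) ed25519.PublicKey {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	a.keys[origin] = priv
	return pub
}

// Assertion is what the client hands back to the server.
type Assertion struct {
	Origin    string // origin the browser observed when it prompted the user
	Challenge []byte
	Signature []byte
}

// signedMessage binds the challenge to the origin, so one signature is good
// for exactly one challenge at exactly one site.
func signedMessage(origin string, challenge []byte) []byte {
	return append([]byte(origin+"\x00"), challenge...)
}

// Sign looks up a credential for the origin actually observed. A look-alike
// phishing page has no credential, so the user is never even prompted.
func (a *Authenticator) Sign(observedOrigin string, challenge []byte) (*Assertion, bool) {
	priv, ok := a.keys[observedOrigin]
	if !ok {
		return nil, false
	}
	sig := ed25519.Sign(priv, signedMessage(observedOrigin, challenge))
	return &Assertion{Origin: observedOrigin, Challenge: challenge, Signature: sig}, true
}

// RelyingParty models the server: it holds public keys and outstanding challenges only.
type RelyingParty struct {
	Origin string
	pubs   map[string]ed25519.PublicKey // username -> registered public key
	issued map[string][]byte            // username -> outstanding single-use challenge
}

func (rp *RelyingParty) NewChallenge(user string) []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	rp.issued[user] = c
	return c
}

// Verify accepts only an unconsumed challenge, for this origin, signed by the
// key registered for the user. The challenge is consumed either way.
func (rp *RelyingParty) Verify(user string, a *Assertion) bool {
	pub, ok := rp.pubs[user]
	if !ok || a == nil || a.Origin != rp.Origin {
		return false
	}
	expected, ok := rp.issued[user]
	if !ok || !bytes.Equal(expected, a.Challenge) {
		return false // unknown or already-used challenge: a replay
	}
	delete(rp.issued, user)
	return ed25519.Verify(pub, signedMessage(rp.Origin, a.Challenge), a.Signature)
}

type ScenarioResult struct{ Legit, PhishPrompted, Replay, CrossOrigin bool }

// RunScenario exercises the four cases described in the lead-in.
func RunScenario() ScenarioResult {
	rp := &RelyingParty{Origin: "https://saas.example", pubs: map[string]ed25519.PublicKey{}, issued: map[string][]byte{}}
	auth := &Authenticator{keys: map[string]ed25519.PrivateKey{}}
	rp.pubs["alice"] = auth.Register(rp.Origin)

	a, _ := auth.Sign(rp.Origin, rp.NewChallenge("alice")) // genuine sign-in at the real origin
	legit := rp.Verify("alice", a)

	_, prompted := auth.Sign("https://saas-login.example", rp.NewChallenge("alice")) // look-alike page relays the challenge

	replay := rp.Verify("alice", a) // the earlier assertion is resent

	auth.Register("https://saas-login.example") // user was tricked into enrolling a passkey on the look-alike site
	forged, _ := auth.Sign("https://saas-login.example", rp.NewChallenge("alice"))
	forged.Origin = rp.Origin // origin field rewritten before relaying; the signature still covers the real one
	cross := rp.Verify("alice", forged)

	return ScenarioResult{Legit: legit, PhishPrompted: prompted, Replay: replay, CrossOrigin: cross}
}

func main() { fmt.Printf("%+v\n", RunScenario()) }
```

Two design points carry the security argument: the browser, not the user, decides which origin it is on, so the look-alike site never obtains a signature at all; and because the signed message includes the origin and the server insists on its own origin and a single-use challenge, a relayed or replayed assertion fails even when an attacker controls the transport.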

Call for action

  • Organizations: Enforce phishing-resistant credentials across all SaaS apps.
  • SaaS providers: Integrate with identity platforms supporting phishing-resistant credentials.
  • Security leaders: Treat this as a necessity, not aspirational. The cost of delay is compromise at scale.

This article is published as part of the Foundry Expert Contributor Network.