Unauthorized

When we describe “unauthorized” access, we’re referring to the accessing of a computer system by breaking any of its security features, such as a login prompt, a password, which would be considered illegal under the U.S. Computer Fraud and Abuse Act, or the CFAA. The Supreme Court in 2021 clarified the CFAA, finding that accessing a system lacking any means of authorization — for example, a database with no password — is not illegal, as you cannot break a security feature that isn’t there.

It’s worth noting that “unauthorized” is a broadly used term and often used by companies subjectively, and as such has been used to describe malicious hackers who steal someone’s password to break in through to incidents of insider access or abuse by employees.