Account Harvesting
¨Technique used to determine legitimate userIDs and even passwords of a vulnerable application ¨Targets the authentication process when application requests a userID and password ¨Works against applications that have a different error message for users who type in an incorrect userID
¨