Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web. (arXiv:2205.10174v1 [cs.CR])

The ubiquity of user accounts in websites and online services makes account
hijacking a serious security concern. Although previous research has studied
various techniques through which an attacker can gain access to a victim's
account, relatively little attention has been directed towards the process of
account creation. The current trend towards federated authentication (e.g.,
Single Sign-On) adds an additional layer of complexity because many services
now support both the classic approach in which the user directly sets a
password, and …

account accounts hijacked security web