Skip to main content Skip to docs navigation
View on GitHub

Replay Attack

In web security, a replay attack happens when an attacker intercepts a previously-sent message and resends it later to get the same credentials as the original message, potentially with a different payload or instruction.

On this page

Replay attack

Replay attacks can be prevented by including a unique, single-use identifier with each message that the receiver can use to verify the authenticity of the transmission. This identifier can take the form of a session token or "number used only once" ("nonce").

See also

Updated on April 20, 2024 by Datarist.