A method, often covert, that bypasses normal authentication or encryption in a system, allowing unauthorized access or control. Typically associated with malicious intent, these can be inserted intentionally for maintenance or troubleshooting but may also be exploited by adversaries to gain unpermitted access, which can lead to information theft, system damage, or other adverse impacts.