When software first needed to authenticate on enterprise networks in the 1990s, nobody designed a credential type for it. Engineers created a user account, removed the human, and moved on. No lifecycle tracking. No owner on record. No offboarding trigger when the project that spawned it quietly dissolved.
Robotic process automation (RPA) scaled the same shortcut. Bots got worker-shaped identities faster than any governance function could catalog them. Deloitte found that most enterprises never achieved RPA at scale, largely because scattered bot ecosystems accumulated duplicated logic and inconsistent oversight. The governance gap wasn't a failure of awareness. Gartner flagged segregation-of-duties risks in 2018. Deployment velocity simply outran institutional response, every time.
AI agents are the third generation inheriting this trajectory. They authenticate with familiar credential patterns. But a service account ran a fixed script with fixed permissions. An agent interprets context and decides what to do next. The organizational surface area of a single credential just changed fundamentally, and the governance architecture around it hasn't changed at all.
