Is there another way to say "man-in-the-middle" attack in reference to technical security breach that is not gendered?

Our company has determined that the term "man-in-the-middle (attack)", which is computer science lingo, is non-compliant with our stance on gender neutrality.

What is the best way to use this terminology and be gender neutral while maintaining communication efficiency?


What is the best way to use this terminology and be gender neutral while maintaining communication efficiency?

I would suggest that your original term, "man-in-the-middle (attack)", remains the best fit. It's not true that this can't be considered gender neutral - most dictionaries will confirm that there is a sense of the word 'man' that can stand for any person, e.g. from google: 2. a human being of either sex; a person.

Note that two of the most common "men in the middle" in examples are Eve (here, here, here) and Mallory (here) - i.e. most likely female. These names come from the common cast of characters in cryptographic literature.

Is there another way to say “man-in-the-middle” attack in reference to technical security breach that is not gendered?

There are other ways, mentioned in other answers, but not ways that will be as easily understood. "Man in the middle" is something of a fixed phrase, often abbreviated as MITM.

Variations such as "Monster in the Middle" are fun, but if communication efficiency is a concern, most people are going to find them a distraction. This may of course change over time if "Monster in the Middle" starts to catch on.

Our company has determined that the term "man-in-the-middle (attack)" is non-compliant with our stance on gender neutrality.

I would expect such a company to recommend an alternative term.


There are several gender-neutral names for a MITM attack¹:

• monster-in-the-middle

Since 1989, experts have been arguing that Internet security requires cryptographic protocols, ensuring security against Monster-in-the-Middle (MitM) attackers.
— Cornell University

• machine-in-the-middle

There are known attacks on (D)TLS, such as machine-in-the-middle and protocol downgrade.
— MIT

• monkey-in-the-middle

Although monkey-in-the-middle (MITM) attacks are well-known, little is done to prevent them.
— Educause

• person-in-the-middle (PITM)

TLS depends on public-key cryptography to establish session keys to secure each connection and prevent person-in-the middle attacks.
— Information Sciences Institute

Since (a) you can keep the "MITM" abbreviation and (b) there is a popular analogous game by that name, I suggest "monkey-in-the-middle attack".