As computing becomes more social and spans across devices, users need to authenticate themselves while using an increasing number of foreign devices. Often, those foreign devices are public, untrusted devices or are less-capable, special-purpose devices. Authenticating on such foreign devices allows the user to receive personalized services or to perform tasks using personal data. For example, a user may wish to authenticate to a friend's networked television set in order to share personal pictures or a movie; a user may wish to complete a purchase transaction using an online e-commerce identity; a user may provide personal information to a digital sign or kiosk in a retail store, in order to perform a personalized search for goods; and/or a user may log in to a website on a public computer, such as in an internet café. Of course, authenticating oneself directly on the public, untrusted device may expose the user's password, identification, and/or other personal information. For example, the public, untrusted device may have a virus or malware configured to capture and store such personal data.