The use of electronic devices for storing and accessing credentials has increased significantly in recent years. Typically, a user provides authorization for accessing the stored credentials by entering a password at a keyboard of the device. Although the user entering the password expects that the input device (e.g., the keyboard) and software receiving the password are not misappropriating the password, the user cannot be sure. For example, a pop-up window of an unscrupulous website may mimic a respected website to trick the user into entering password information or other sensitive information that the user does not intend to share with the unscrupulous website.