There is often a need to ensure that a user of a computing device is the owner of the computing device or is otherwise authorized to use the computing device, such as when the user attempts to access a sensitive application or data that are stored on the computing device, or when the user attempts to use the computing device to remotely access a user-associated account, such as via a computer network. Where an individual is in possession of stolen credentials (e.g., via “phishing”) of an authorized user of a computing device, such an individual may often use the stolen credentials to successfully pose as the authorized user when using the computing device.