A one time password (OTP) may be provided to a client device and may be used by the client device to verify an identity of an associated user. For example, the client device may use the OTP to perform various actions, such as accessing restricted information, purchasing goods and services, requesting changes to an account, etc. However, use of the OTP by an unauthorized third party may be difficult to detect. For example, the OTP may be intercepted by the third party during transmission to the client device, or the client device, if lost, may be used by the third party to obtain the OTP.