Secrets are often used to provide and confirm the authenticity, privacy and integrity of secured messages. As an example, a secret token may be shared between an application and a server to authenticate the application. In encryption, a secret key may be used to change cleattext to ciphertext as a way to maintain privacy of the cleartext. A Hash-based Message Authentication Code may be used to verify the integrity of a message. However, each of these advantages depends on a secret remaining undisclosed to unauthorized parties.
A secret may be shared with a client who is able to enter that secret into an appropriate device. In some cases, the client may type the secret into an interface on the device. In other cases, the client may copy and paste a block of text to enter the secret. In yet other cases, the client may take a picture of a screen to obtain the secret, such as through optical character recognition or optical code. Unfortunately, if the secret is available to the client, the secret may be viewable by other people as well. While various techniques have been employed to effectively share a secret with only intended parties, due to the complexity of the tasks, the employed techniques are of varied success.