The vast majority of computer servers required a username and shared secret for authentication of network clients. Two types of shared secrets are currently used for authentication: static secrets and dynamic secrets.
Static secrets, such as simple passwords, are typically easy to guess and, therefore, are susceptible to fraudulent usage. Complex passwords, although more difficult to guess, tend to get written down and, therefore, are also susceptible to fraudulent usage.
Dynamic secrets, such as One-Time Passwords (OTPs) are becoming increasingly popular. Whereas static secrets are used for each authentication attempt until expiry, dynamic secrets change with each authentication attempt. Dynamic secrets are typically generated by a portable hardware device or authenticator that must remain synchronized with the server that accepts the secret. Although dynamic secrets provide greater protection from fraudulent activity than static secrets, the security of the authentication scheme can be compromised if the portable authenticator is lost or stolen.
Other authentication schemes use a public/private asymmetric key infrastructure for authentication. The hardware cryptographic token that stores the public/private encryption keys is usually protected by a password that is input to the user's computer user. This password can be easily stolen by rogue software running on the user's computer, thereby reducing the security of the private encryption key(s).