Secure your small business:
Apps → Data →

Overview: Shared Secret

Quick Definition

A Shared Secret is a static word, phrase, or string of characters agreed upon by two parties in order to confirm identity as a form of knowledge-based authentication (KBA). Passwords are the most common example of shared secrets; through initial password selection, a system and user "agree" that the next time the user attempts to log in, the system will prompt them for the chosen password and the user will provide it, and that if the user fails to provide it, they will not be logged in.

"Secret questions" commonly seen in two-step authentication, such as "What is your mother's maiden name?" or "What was the name of your first pet?" are also instances of shared secrets frequently used for authentication purposes.

Shared secret authentication is both particularly common and also particularly insecure, as the secrets are static, rather short for very practical reasons, often very easy to either brute force or to guess, and relatively easy to steal or lose, whether through phishing, various forms of snooping or interception, or user carelessness.

Need Shared Secret solutions?
We can help!

Plurilock offers a full line of industry-leading cybersecurity, technology, and services solutions for business and government.

Talk to us today.


Thanks for reaching out! A Plurilock representative will contact you shortly.

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.