Mechanisms exist to ensure that unencrypted, static authenticators are not embedded in applications, scripts or stored on function keys.