Techniques are disclosed relating to a computer system including a first mobile device that stores information that is inaccessible without a value stored on a second mobile device. In some embodiments, the first mobile device stores a plurality of one-time password generation routines executable to generate one-time passwords usable to authenticate user access to an electronic resource, and the second mobile device stores a plurality of supplemental authentication values that correspond to the one-time password generation routines. A particular one-time password generated by the first mobile device using a particular one-time password generation routine is inaccessible without the corresponding particular supplemental authentication value stored on the second mobile device. In embodiments, the particular supplemental authentication value is sent to the first mobile device and the corresponding particular one-time password generated by the first mobile device using the corresponding particular one-time password generation routine becomes accessible.