Techniques are disclosed relating to authenticating a client computer system to a server computer system. In some embodiments, a client computer system sends, to a server computer system, authentication information for an initial access request for one or more resources. This information may include authentication credentials and attributes that collectively identify the client computer system. In some embodiments, the client computer system receives, from the server computer system, an authentication response that indicates an initial authentication of the client computer system. In some embodiments, the authentication response includes a cryptographic key. While the initial authentication is valid, in some embodiments, the client computer system repeatedly re-authenticates for subsequent access requests. Each of the subsequent access request may include a single-use password generated using a cryptographic key and the attributes of the client computer system.