A challenge based authentication mechanism that does not require that the authenticating computing entities be aware of the secret data used for the initial authentication. An authenticator computing entity is to authenticate to the authenticatee computing entity. First, the authenticatee computing entity acquires a challenge from a supplemental authenticatee computing entity. The authenticatee computing entity provides the challenge to the authenticator computing entity, which has a supplemental authenticator computing entity solve the challenge. The authenticator computing entity sends the answer to the authenticatee computing entity, which uses the answer to authenticate the authenticator computing entity.