The use of a secret password or encryption key that is entered into both sides of the message exchange ahead of time. A preshared key (PSK) is typed into both the client and the server (authentication server, access point, etc.) or entered via USB, CD-ROM or smart card. Contrast with "server-based key," in which one side generates a key and sends it to the other side during the authentication session (see
FIDO).