In an example there is provided a method of authenticating a user. An authentication challenge is received in response to a request to authenticate a user. The challenge is distributed to each device from a subset of a set of registered devices. At each device a share of an authentication token is accessed and a partial response to the challenge is generated based on an authentication token and challenge. A response to the challenge is generated by combining the partial responses from the subset of devices, and is communicated to an authenticator. The user is authenticated when the subset of devices is an authorised subset. Every authorised subset of the set of registered devices comprises at least one device from the first group of devices.