Systems, methods, computer-readable media and application program interfaces are disclosed for enabling server applications to verify purported authentication information, such as passwords, provided by clients in connection with server access requests by leveraging trusted credentials maintained by separate trusted authorities. In some cases, the server applications may lack trusted credentials that may be used to verify the purported authentication information. In those cases, the server applications may identify security principal accounts managed by the separate trusted authorities for which the provided authentication information may be purported to be valid for by the requesting clients. Further, the server applications may request the separate trusted authorities to authenticate the purported authentication information before granting access to the requesting clients. In other cases, the server applications may maintain locally trusted credentials that may be used to verify the provided authentication information without involving the separate trusted authorities.