An identity credential; previously stored personal questions and answers. Also known as Challenge/Response. It can be used for stronger authentication (as additional passwords) or for password resets (if forgotten). For example; mothers maiden name, name of your first pet, favourite football team, preferred cuisine. It must be stored encrypted. It may be compromised by social engineering and multiple attempts. Not to be confused with shared information (such as date of birth, last payment amount, last document reference number) which is not encrypted and is known to the service provider and anyone on their help desk; these are not secret although they are sometimes called by the misnomer "shared secrets".

Source: http://identityaccessman.blogspot.com/2006/08/identity-dictionary.html