It has become common to authenticate to private content on smartphones or tablets in the presence of trusted individuals such as friends and coworkers - casual, inadvertent and non-malicious observers to whom users do not want to needlessly expose their passwords. Existing shoulder-surfing resistant authentication schemes provide security but are overly burdensome for users in these relaxed scenarios. This paper explores the idea of using heterogeneous multiplexed input codes as a simple technique for creating good-enough solutions to protect against casual observation in non-malicious and relatively secure settings - trading off security for usability.