2-2-6 Revision

From WCAG WG

Latest Version For Authentication (AAA)

Authentication processes do not rely upon the user to do any of the following:

  • recall information;
  • manipulating, parsing or performing calculations on alphanumeric strings;
  • produce gestures;
  • transcribe information.


Exceptions:

  • Authentication process can rely on the user or user-agent entering personal identification information for name, username, password, identification number, and email address if the web content does not block automatic entry.
  • There are governing statutory requirements that require the use of memorisation, calculations, gestures or transcription in authentication processes.

Version after 11/27 call for Accessible Authentication (A)

Required steps of a re-authentication process which rely upon recalling or transcribing information have one of the following:

  • alternative required steps, that do not rely upon recalling or transcribing information
  • an authentication-credentials reset process, which does not rely upon recalling or transcribing information

Except for when any of the following are true:

  • Re-authentication process only relies on basic personal identification information to which the user has easy access, such as name, address, email address and national identification number.
  • This is not achievable due to governing statutory requirements.


354

https://github.com/w3c/wcag21/issues/354

Proposed response (by AWK): This SC has been modified in its form and moved to AAA. Please review the editor's draft for the updated version.

440

https://github.com/w3c/wcag21/issues/440

Proposed response (by AWK): This SC has been modified in its form and moved to AAA. Please review the editor's draft for the updated version.

441

https://github.com/w3c/wcag21/issues/441

Proposed response (by AWK): The exception related to existing legal requirements has been changed, but as your point is more related to the applicability of such an exception outside of legal requirements it may be more relevant that the SC has been moved to AAA.

442

https://github.com/w3c/wcag21/issues/442

Proposed response (by AWK): The WG recognizes the need for further research in this area, which contributed to the decision to move this SC to AAA.

473

https://github.com/w3c/wcag21/issues/473

Proposed response (by AWK): The WG recognizes the challenges presented by this SC, but also believes that new developments such as using the Web Authentication API when it is available will make support for this SC easier. The WG has moved this SC to AAA.

503

https://github.com/w3c/wcag21/issues/503

Proposed response (by AWK): The WG has moved this SC to AAA.

542

https://github.com/w3c/wcag21/issues/542

Proposed response (by AWK): The WG appreciates your detailed work on the comment. This SC has been modified in its form and moved to AAA. Please review the editor's draft for the updated version.

553

https://github.com/w3c/wcag21/issues/553

Proposed response (by AWK): This SC has been modified in its form and moved to AAA. Please review the editor's draft for the updated version.

564

https://github.com/w3c/wcag21/issues/564

Proposed response (by AWK): The WG has changed this to be at level AAA, and changed the legal exception to read: There are governing statutory requirements that require the use of memorisation, calculations, gestures or transcription in authentication processes.

Retrieved from "https://www.w3.org/WAI/GL/wiki/index.php?title=2-2-6_Revision&oldid=9542"