Understanding Re-authenticating

SC text

Intent of Re-authenticating

The intent of this Success Criterion is to allow all users to complete authenticated transactions that have inactivity time limits or other circumstances that would cause a user to be logged out while in the midst of completing the transaction.

For security reasons, many sites implement an authentication time limit after a certain period of inactivity. These time limits may cause problems for persons with disabilities because it may take longer for them to complete the activity.

Other sites will log a person out of a session if a person logs in on the Web site from another computer or if other activities arise that make the site suspicious of whether the person is still the same legitimate person who logged in originally. When users are logged out while still in the midst of a transaction - it is important that they be given the ability to re-authenticate and continue with the transaction without the loss of any data already entered.

Benefits of Re-authenticating

Examples of Re-authenticating

Resources for Re-authenticating

Techniques for Re-authenticating

Sufficient Techniques for Re-authenticating

  1. Providing options to continue without loss of data using one of the following techniques:

Refer to Techniques for Addressing Success Criterion 2.2.1 for techniques related to providing notifications about time limits.

Additional Techniques (Advisory) for Re-authenticating

Common Failures for Re-authenticating