Accessible Authentication
- Christina Lutz-Hatfield
Don't make people solve, recall, or transcribe something to log in.
Some people with cognitive disabilities cannot solve puzzles, memorize a username and password, or retype one-time passcodes.
Ensure there is an accessible, easy-to-use, and secure method for users to authenticate when logging into an existing account.
Web sites commonly rely on usernames and passwords to log in.
However, memorizing a username and password places a very high or impossible burden upon people with certain cognitive disabilities, as do additional steps often added to authentication processes.
For instance, the need to transcribe a one-time verification code or requiring a puzzle to be solved.
A cognitive function test (such as remembering a password or solving a puzzle) is not required for any step in an authentication process unless that step provides at least one of the following:
Alternative
Another authentication method that does not rely on a cognitive function test.
Mechanism
A mechanism is available to assist the user in completing the cognitive function test.
Object Recognition
The cognitive function test is to recognize objects.
Personal Content
The cognitive function test is to identify non-text content the user provided to the Web site.
Â
Please see more detailed information on how to comply with this guideline.