W3C home > Mailing lists > Public > public-agwg-comments@w3.org > September 2020

RE: Accessible Authentication

From: Alastair Campbell <acampbell@nomensa.com>
Date: Mon, 21 Sep 2020 08:09:49 +0000
To: Courtney Heitman <Courtney_Heitman@gallup.com>
CC: "public-agwg-comments@w3.org" <public-agwg-comments@w3.org>
Message-ID: <DB8PR09MB33393586F241C902298E3020B93A0@DB8PR09MB3339.eurprd09.prod.outlook.com>
Hi Courtney,

Thanks for your feedback.

We have a few similar issues already raised in our issue-tracking system, e.g:
https://github.com/w3c/wcag/issues/1320 (username/password)
https://github.com/w3c/wcag/issues/1363 (username/password)
https://github.com/w3c/wcag/issues/1256 (Captcha)

I can add yours as another issue for you to follow, or you could follow those ones on the github site. (With an account, you can subscribe to notifications for any issue.)

Kind regards,


From: Courtney Heitman <Courtney_Heitman@gallup.com>
Sent: 16 September 2020 19:57
To: public-agwg-comments@w3.org
Subject: Accessible Authentication


I was reading over the WCAG 2.2 draft, and I have a couple comments on proposed SC 3.3.7 Accessible Authentication.

  1.  There’s use of the term “username” and “email” somewhat interchangeably between the Intent and Examples section. Are we assuming that emails and username are the same? I know there’s websites that allow for both in case you don’t want your username to be your email.
  2.  There are some websites that force users to complete captcha requirements upon an unsuccessful login to prevent bots from attempting to log in. The paragraph about cognitive function tests under the Intent section would include these. Does this mean we need to make sure that the captchas we are using are the ones with the checkbox and text of “I’m not a robot”, since most other captcha methods would fail this?

Thanks for all the work you’re doing!
Received on Monday, 21 September 2020 08:10:06 UTC

This archive was generated by hypermail 2.4.0 : Monday, 21 September 2020 08:10:08 UTC