RE: technique to include security from lisa.seeman on 2015-08-18 (public-cognitive-a11y-tf@w3.org from August 2015)

From: lisa.seeman <lisa.seeman@zoho.com>
Date: Tue, 18 Aug 2015 17:18:26 +0300
To: "lisa.seeman" <lisa.seeman@zoho.com>
Cc: "Rochford" <john.rochford@umassmed.edu>, "public-cognitive-a11y-tf" <public-cognitive-a11y-tf@w3.org>
Message-Id: <14f412b11d8.c761f82261544.2301389945670997523@zoho.com>

I think we may want to separate  the text of what might be a success criteria with text that might go under a "how to meet this criteria).  If we are too prescriptive on the highest level then our advice can become very narrow, and we might not stay relevant for long. we all agree we want to be prescriptive - but the question is where.


Also note that the idea was for a technique that could include the security requirements. The new text no longer includes that.




I will add the proposal to the agenda for next weeks call 




 best

Lisa Seeman

Athena ICT Accessibility Projects
LinkedIn, Twitter





---- On Tue, 18 Aug 2015 16:29:33 +0300 lisa.seeman&lt;lisa.seeman@zoho.com&gt; wrote ---- 

Hi John

It does contain contain information  about what they should do, but it has them after the examples of what not to do 
such as 
"Having tokens, signing in via email account or face book, or biometrics are all alternatives to the above"


All the best

Lisa Seeman

Athena ICT Accessibility Projects
LinkedIn, Twitter





---- On Tue, 18 Aug 2015 13:46:27 +0300  Rochford&lt;john.rochford@umassmed.edu&gt; wrote ---- 

  Hi Lisa,
  
 My first impression about this approach is that it does not provide developers any recommendations about what they *should* do, which is the optimal approach.
  
 John
  
 John Rochford
 UMass Medical School/E.K. Shriver Center
 Director, INDEX Program
 Instructor, Family Medicine &amp; Community Health
 www.DisabilityInfo.org
 Twitter: @ClearHelper
  
  
  
   From: lisa.seeman [mailto:lisa.seeman@zoho.com] 
 Sent: Tuesday, August 18, 2015 6:02 AM
 To: public-cognitive-a11y-tf &lt;public-cognitive-a11y-tf@w3.org&gt;
 Subject: technique to include security
 
 
  
   Hi 
 
  I was thinking of the following technique as a way to include security and other considerations
 
   
 
   
 
   
 
 "Do not require cognitive abilities when it is  avoidable"
   
   
 
  In security this may include:
 
  Requiring that the user has a good working memory or short term memory required to copy a code
 
  Requiring that the user can remember complex passwords
 
  Requiring that the user can remeber spelling of terms used in security questions such as how to spell a strange pets name
 
  Requiring that the user can remember visual patterns
 
   
 
  Having tokans, signing in via email account or face book, or biometrics are all alternatives to the above
 
   
 
   
 
  In voice  systems this may include,
 
    Requiring the user to understand categories,
 Requiring the user to remember numbers
 can all be used as a barrier to getting human help
 
  is is aviodable by having 0 as a reserved digit to access a human
 
   
 
  In the Web of things this may include:
 
    remembering what symbols mean
 remembering sequences to run certain tasks
 
  This is aviodable by having simple text with symbols and 
 
  clear discovrability of how o complete each task
 
  and recovrability from errors
 
   
   
 
   
  All the best
 
 Lisa Seeman
 
 Athena ICT Accessibility Projects
 LinkedIn, Twitter

Received on Tuesday, 18 August 2015 14:18:52 UTC