W3C home > Mailing lists > Public > public-cognitive-a11y-tf@w3.org > November 2017

References related to cognitive impairments and authentication

From: EA Draffan <ead@ecs.soton.ac.uk>
Date: Thu, 30 Nov 2017 20:04:37 +0000
To: "public-cognitive-a11y-tf (public-cognitive-a11y-tf@w3.org)" <public-cognitive-a11y-tf@w3.org>, WCAG <w3c-wai-gl@w3.org>
Message-ID: <7181A95B72F5B04C94BEF10CEC91E7969DA66255@SRV00047.soton.ac.uk>
I promised in coga call to provide references that highlight the issues of single versus multifactor authentication. I started with general population preferences that showed (in one paper) " participants were willing to use an authentication method that takes more time to complete in order to increase security in collaborative settings, i.e. they felt less secure using single-factor authentication based on possession only" (Brun et al,  2014) which is not what is generally felt when discussing the subject.
https://www.researchgate.net/profile/Anders_Bruun2/publication/281447666_Usability_of_Single-_and_Multi-Factor_Authentication_Methods_on_Tabletops_A_Comparative_Study/links/57a31ef508ae28c09541e28a.pdf

Ma et al (2013) https://dl.acm.org/citation.cfm?id=2493173 highlight extended times being taken with login and password systems when working with those who have Intellectual Disabilities (ID).

Quotes
" After generating a password that meets all the requirements (normally with assistance), we observed students with ID frequently face challenges with recalling it. Many students struggled to remember and correctly type mixed case passwords, even when written down."
" All researchers noted that it was common for students with ID to become visibly frustrated while performing online activities involving meta-skills"

A later paper confirms "challenges [for young adults with intellectual disabilities] related to keyboard performance, confusion during online navigation tasks, and frustrations with failed authentication."(Buehler et al, 2016) https://dl.acm.org/citation.cfm?id=2899481

Anecdotally coga task force experts on today's call felt that a more complex authentication, such as having to check an SMS or go through a number of processes would further increase the time spent on the task and increase frustration levels or failure.

Hopefully others may have found more papers to confirm these findings in multifactor authentication situations for those with cognitive impairments.

Best wishes
E.A.

Mrs E.A. Draffan
WAIS, ECS , University of Southampton
Mobile +44 (0)7976 289103
http://access.ecs.soton.ac.uk<https://www.outlook.soton.ac.uk/owa/redir.aspx?C=69b1RzNTDwem3wbm4pLRmuYfTLt16YjcghtEpZBsF5Sebx78I2DUCA..&URL=http%3a%2f%2faccess.ecs.soton.ac.uk%2f>
UK AAATE rep http://www.aaate.net/<https://www.outlook.soton.ac.uk/owa/redir.aspx?C=WUwOCw_4FszLSzcUbkoFdDkad8-Q_GrRfPYUJ_ol5l2ebx78I2DUCA..&URL=http%3a%2f%2fwww.aaate.net%2f>
Received on Thursday, 30 November 2017 20:05:20 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:00 UTC