Authentication and Identity Confirmation
Most user interfaces are designed to help users complete tasks. However, web security and privacy technologies intentionally introduce barriers to task completion. They require users to perceive more and to do more to complete tasks. Three examples of these technologies are passwords, CAPTCHA, and 2-Factor Authentication.
- Passwords are words or character strings used for authentication and/or for identity confirmation.
-
CAPTCHA is a website widget, which prevents automated programs from submitting a web form intended for humans, by requiring humans to pass a test. Such tests:
- present distorted text visually and/or aurally;
- require users to enter that text into a field; and
- require users to invoke a submit button.
-
2-factor authentication requires a two-stage process to verify the identity of a user. The user is required to have two of three of the following factors:
- knowledge, e.g., password or PIN;
- possession, e.g., mobile device or credit card;
- inherence, e.g., fingerprint or voice print (via biometric device).
Challenges for People with Low Vision
Web security and privacy technologies often block people with low vision who may not be able to:
- discern text they are required to enter and submit;
- recall text or instructions they have seen or heard;
- follow multi-step procedures.
The scope of the problem is vast because, for examples, people with low vision:
- are prevented from purchasing goods and registering for services on the millions of websites that employ web security and privacy technologies;
- may circumvent web security and privacy technologies with insecure techniques/methods;
- may become so frustrated working through web security and privacy technologies that they relinquish their efforts, and thereby are thwarted from purchasing goods and registering for services;
- may be unable to become accustomed to a web security and privacy technology because there are multiple versions of it across websites.
User Need - Authentication:
Easy-to-use web authentication and identity confirmation