Re: CFC Add Accessible authentication into Editors Draft from Joshue O Connor on 2017-06-20 (w3c-wai-gl@w3.org from April to June 2017)

From: Joshue O Connor <josh@interaccess.ie>
Date: Tue, 20 Jun 2017 19:49:56 +0100
To: WCAG <w3c-wai-gl@w3.org>
Message-ID: <59496E54.20208@interaccess.ie>
Hi all,

I placed older SC text into the CFC - The current SC text for this one 
is: [1]

Essential steps of an authentication process, which rely upon recalling 
or transcribing information, have one of the following:

  *      alternative essential steps, which do not rely upon recalling
    and transcribing information; or
  *      an authentication-credentials reset process, which does not
    rely upon recalling and transcribing information


There is an exception for basic identifying information that the user 
has easy access to, such as: name, address, email address and 
identification or social security number.

There is an exception when this is not achievable due to legal requirements.

Thanks

Josh


[1] 
https://rawgit.com/w3c/wcag21/accessible-authentication_ISSUE-23/guidelines/#accessible-authentication



Joshue O Connor wrote:
> Call For Consensus — ends FridayJune 23rd at 1:00pmBoston time.
>
> The Working Group has reviewed and approved a Success Criterion for 
> inclusion in the Editor’s Draft: "Accessible Authentication" with the 
> goal of obtaining additional input external to the working group.
>
> SC TEXT:
>
> *User Authentication Methods:*A user authentication method is offered 
> that does not rely upon a user's ability to memorize information; 
> recall information from memory; speak; or mentally process presented 
> or recalled information beyond the mental processes that are required 
> to use a simple web page.
>
> An alternative user authentication is available for users who are 
> unable to use the primary user authentication method, unless it can be 
> shown that all users have access via the primary method. This 
> alternative user authentication method does not rely upon the user's 
> ability to do any of the following:
>
>   * memorize character strings, including memorizing correct spellings; or
>   * perform calculations, such as including correctly identifying and
>     entering numbers and letters from a character string; or
>   * speak; or
>   * reliably produce gestures; or
>   * recognize characters presented on screen, and then enter them into
>     an input field.
>
> *Exception:*A user identification method, which relies on one of the 
> above abilities, can be the alternative method if an ability is 
> essential to make effective use of the content accessed via the user 
> authentication method.
>
>
> Survey results:
> https://www.w3.org/2002/09/wbs/35422/COGA_Auth/results
> GIT Hub: https://github.com/w3c/wcag21/issues/23
>
> The new SC can be reviewed here, in the context of the full draft:
> https://rawgit.com/w3c/wcag21/accessible-authentication_ISSUE-23/guidelines/#accessible-authentication 
>
>
> If you have concerns about this proposed consensus position that have 
> not been discussed already and feel that those concerns result in you 
> “not being able to live with” this decision, please let the group know 
> before the CfC deadline.
>
> Thanks
> -- 
> Joshue O Connor
> Director | InterAccess.ie

-- 
Joshue O Connor
Director | InterAccess.ie
Received on Tuesday, 20 June 2017 18:50:30 UTC