Timing Adjustable: does it apply to timeout from inactivity (no mouse, keyboard activity)

I've been asked to comment on the newly proposed "timed events"  SC. (1)

What are other evaluators doing with time outs from inactivity?  I've been
recommending a warning before 20 seconds before the time out "Do you need
more time" with  "yes/no" buttons.

But if the session stays open as long as the user is active, one might
argue that the user extended the time limit simply by clicking, scrolling,
typing ... if they did *nothing* it would time out in 15 minutes, but by
using the mouse/keyboard at least every 14:59, they could stay in their
account for up to 150 minutes.

It's a significant question, because if that is the case then I'd say there
is more flexibility with COGA's requests, which would deal with a *truly*
timed events rather than a simple inactivity logout. Security people worry
about an abandoned computer left open to others to exploit and don't like
extending inactivity logouts.



(1) https://github.com/w3c/wcag21/issues/14

David MacDonald

*Can**Adapt* *Solutions Inc.*
Tel:  613.235.4902



GitHub <https://github.com/DavidMacDonald>

www.Can-Adapt.com <http://www.can-adapt.com/>

*  Adapting the web to all users*
*            Including those with disabilities*

If you are not the intended recipient, please review our privacy policy

Received on Thursday, 9 February 2017 14:54:13 UTC