- From: Patrick H. Lauke <redux@splintered.co.uk>
- Date: Sat, 23 Dec 2017 18:39:38 +0000
- To: Alastair Campbell <acampbell@nomensa.com>
- Cc: Michael Pluke <Mike.Pluke@castle-consult.com>, Andrew Kirkpatrick <akirkpat@adobe.com>, WCAG <w3c-wai-gl@w3.org>
On 23/12/2017 17:15, Alastair Campbell wrote: > > How would a user be able to use another browser-based or > extension-based password manager or similar tool on a public terminal, > for instance? > > Same applies to text-modifications, screenreaders and just about any AT. > This is the content guideline. Not quite, I'd argue. This SC expressly forbids something from being done, unless a user is able to use a password manager or similar, or there's a "governing statutory requirements". The same cannot be said for, say, text-modifications. Imagine a web-based (internal) system that can only be accessed on locked-down terminals. The system needs to authenticate users, but at the same time doesn't allow installation of password managers, or access to web-based password managers (and even if it did, the user would have to log into the password manager?). Is there any way for this system to pass the SC without compromising security/removing authentication altogether? P -- Patrick H. Lauke www.splintered.co.uk | https://github.com/patrickhlauke http://flickr.com/photos/redux/ | http://redux.deviantart.com twitter: @patrick_h_lauke | skype: patrick_h_lauke
Received on Saturday, 23 December 2017 18:40:04 UTC