W3C home > Mailing lists > Public > w3c-wai-gl@w3.org > October to December 2017

Re: Accessible Authentication and issue responses

From: Patrick H. Lauke <redux@splintered.co.uk>
Date: Sat, 23 Dec 2017 18:39:38 +0000
To: Alastair Campbell <acampbell@nomensa.com>
Cc: Michael Pluke <Mike.Pluke@castle-consult.com>, Andrew Kirkpatrick <akirkpat@adobe.com>, WCAG <w3c-wai-gl@w3.org>
Message-ID: <f3a01cd0-7302-e06e-02c9-1f0135de06f3@splintered.co.uk>
On 23/12/2017 17:15, Alastair Campbell wrote:
>  > How would a user be able to use another browser-based or 
> extension-based password manager or similar tool on a public terminal, 
> for instance?
> Same applies to text-modifications, screenreaders and just about any AT. 
> This is the content guideline.

Not quite, I'd argue. This SC expressly forbids something from being 
done, unless a user is able to use a password manager or similar, or 
there's a  "governing statutory requirements". The same cannot be said 
for, say, text-modifications.

Imagine a web-based (internal) system that can only be accessed on 
locked-down terminals. The system needs to authenticate users, but at 
the same time doesn't allow installation of password managers, or access 
to web-based password managers (and even if it did, the user would have 
to log into the password manager?). Is there any way for this system to 
pass the SC without compromising security/removing authentication 

Patrick H. Lauke

www.splintered.co.uk | https://github.com/patrickhlauke
http://flickr.com/photos/redux/ | http://redux.deviantart.com
twitter: @patrick_h_lauke | skype: patrick_h_lauke
Received on Saturday, 23 December 2017 18:40:04 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 21:08:19 UTC