Re: Accessible Authentication and issue responses

On 23/12/2017 17:15, Alastair Campbell wrote:
>  > How would a user be able to use another browser-based or 
> extension-based password manager or similar tool on a public terminal, 
> for instance?
> 
> Same applies to text-modifications, screenreaders and just about any AT. 
> This is the content guideline.

Not quite, I'd argue. This SC expressly forbids something from being 
done, unless a user is able to use a password manager or similar, or 
there's a  "governing statutory requirements". The same cannot be said 
for, say, text-modifications.

Imagine a web-based (internal) system that can only be accessed on 
locked-down terminals. The system needs to authenticate users, but at 
the same time doesn't allow installation of password managers, or access 
to web-based password managers (and even if it did, the user would have 
to log into the password manager?). Is there any way for this system to 
pass the SC without compromising security/removing authentication 
altogether?

P
-- 
Patrick H. Lauke

www.splintered.co.uk | https://github.com/patrickhlauke
http://flickr.com/photos/redux/ | http://redux.deviantart.com
twitter: @patrick_h_lauke | skype: patrick_h_lauke

Received on Saturday, 23 December 2017 18:40:04 UTC