3.3.8 Accessible Authentication - Minimum (Level AA)

What is Accessible Authentication?

Authentication serves as a gatekeeper to digital platforms, requiring users to prove their identity before accessing resources or services. While authentication methods vary—from traditional password-based systems to biometric authentication and multi-factor authentication—they all share the common goal of verifying user identities.

However, for individuals with disabilities, traditional authentication methods can pose significant barriers. Issues such as inaccessible CAPTCHA challenges, reliance on visual cues, and complex password requirements can hinder their ability to authenticate successfully.

Why is it important?

Traditional authentication methods often rely heavily on memory, reading comprehension, and numerical skills, posing significant barriers for users with cognitive impairments. These barriers not only hinder access but also contribute to feelings of frustration and exclusion.

How can we meet 3.3.8 Accessible Authentication - Minimum?

The new success criterion says that we shouldn't ask users to pass a cognitive function test unless we provide them with one of the following:
  • Alternative: an authentication method that doesn't involve such a test. (A few examples are listed at the end.)
  • Object Recognition / Personal Content: at the AA level, we have the choice of asking users to recognize objects or to identify non-text content they provided to the website.
  • Mechanism: we can offer a way to help users complete the test. For example, allow users to paste a password from a notepad, or let the browser save the password for a user profile.
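
One way to check sign-in markup for the Mechanism option above, as an added example that is not part of the original post: it flags inline paste-blocking handlers and disabled autofill on credential fields. The form markup, the function names and the field-detection heuristic are assumptions made for illustration.

```javascript
// Constructed sample markup (not from the page): a form that works against
// paste and password managers, and a corrected version of it.
const BLOCKING_FORM = `
<form action="/login" method="post">
  <input type="email" name="email" autocomplete="off">
  <input type="password" name="password" onpaste="return false" autocomplete="off">
</form>`;
const FRIENDLY_FORM = `
<form action="/login" method="post">
  <input type="email" name="email" autocomplete="username">
  <input type="password" name="password" autocomplete="current-password">
</form>`;

// Standard HTML autofill tokens relevant to sign-in fields.
const AUTOFILL_TOKENS = new Set(["username", "current-password", "new-password", "one-time-code"]);

// Parse one <input ...> tag into a lower-cased attribute name -> value map.
function parseAttributes(tag) {
  const attrs = {};
  const body = tag.replace(/^<input/i, "").replace(/\/?>$/, "");
  const re = /([a-zA-Z-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"']+)))?/g;
  let m;
  while ((m = re.exec(body)) !== null) {
    attrs[m[1].toLowerCase()] = (m[2] ?? m[3] ?? m[4] ?? "").trim();
  }
  return attrs;
}

// Return findings for credential fields. Only inline attributes are checked;
// paste handlers attached from script need a browser-based test instead.
function auditAuthFields(html) {
  const findings = [];
  const tags = html.match(/<input\b(?:"[^"]*"|'[^']*'|[^>"'])*>/gi) || [];
  for (const tag of tags) {
    const a = parseAttributes(tag);
    const type = (a.type || "text").toLowerCase();
    const tokens = (a.autocomplete || "").toLowerCase().split(/\s+/);
    const hasToken = tokens.some((t) => AUTOFILL_TOKENS.has(t));
    // Assumed heuristic: a sign-in field is spotted by type, token or name.
    const isCredential = type === "password" || hasToken || /user|login|email|otp/i.test(a.name || "");
    if (!isCredential) continue;
    const field = a.name || a.id || type;
    // A paste handler that cancels the event forces retyping from memory.
    if (/return\s+false|preventDefault/.test(a.onpaste || "")) findings.push({ field, issue: "paste-blocked" });
    // "autofill-token-missing" is advisory: a token helps password managers fill the field.
    if (tokens.includes("off")) findings.push({ field, issue: "autofill-disabled" });
    else if (!hasToken) findings.push({ field, issue: "autofill-token-missing" });
  }
  return findings;
}
```

Calling `auditAuthFields(BLOCKING_FORM)` reports both fields, while `auditAuthFields(FRIENDLY_FORM)` returns an empty list.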

Alternatives:

Some alternative authentication methods are:
  • Biometrics
    A form of identification and access control that uses biological characteristics or traits, such as fingerprint or face recognition, to verify that a person is who they claim to be.
  • Passwordless authentication
    A method of authentication that replaces traditional passwords with more secure and safe factors. This can include a fingerprint, magic link, secret token, or other high-level security technique.
  • Open Authorization
    OAuth is a secure way for you to give websites and apps permission to access your information without giving them your password. It allows you to log in using your existing accounts from other services like Google or Facebook.
