Review: 3.3.9 Accessible Authentication (Enhanced) (AAA) #90
Description
Task: Edit MCAG section 3.3.9 considering the mobile research questions (to be completed)
A cognitive function test (such as remembering a password or solving a puzzle) is not required for any step in an authentication process unless that step provides at least one of the following:
Alternative: Another authentication method that does not rely on a cognitive function test.
Mechanism: A mechanism is available to assist the user in completing the cognitive function test.
Sufficient Techniques for Success Criterion 3.3.9
Note: Other techniques may also be sufficient if they meet the success criterion. See Understanding Techniques.
G218: Email link authentication
H100: Providing properly marked up email and password inputs
Providing WebAuthn as an alternative to username/password (Potential future technique)
Providing a 3rd party login using oAuth (Potential future technique)
Using two techniques to provide 2 factor authentication (Potential future technique)
Failures for Success Criterion 3.3.9
F109: Failure of Success Criterion 3.3.8 and 3.3.9 due to preventing password or code re-entry in the same format