Accessible Authentication (Enhanced)
Summary:
WCAG 3.3.9, "Accessible Authentication (Enhanced)," goes beyond the minimum requirements to further improve the accessibility of authentication processes. This success criterion is vital for users who struggle with traditional authentication methods, including people with cognitive, memory, or motor impairments.
What:
This enhanced criterion requires that each step of an authentication process offer an accessible, easy-to-use mechanism that does not rely on a cognitive test, such as recalling or transcribing information, apart from a small set of permitted exceptions.
Why:
Complex authentication can be a significant barrier for many users. Providing simpler, more accessible methods ensures that all users, regardless of their abilities, can securely access content and services.
Examples and Scenarios:
- Streamlined Login Procedures: Implementing single sign-on systems that reduce the need for repeated authentication.
- Alternative Security Measures: Using hardware tokens or biometric data as alternatives to memory-based passwords.
- Simplified Multi-Factor Authentication: Allowing users to authenticate through methods that don't require typing or remembering information, like using an app to confirm login attempts.
How to Comply:
- Websites: Incorporate varied and flexible authentication options that cater to different user needs and abilities, such as biometric authentication or external authentication devices.
- Mobile Apps: Provide in-app authentication methods that leverage the device's capabilities, like fingerprint scanning or facial recognition.
- Software Applications: Ensure that the application offers multiple accessible ways to authenticate, reducing reliance on memory or complex cognitive tasks.
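One practical check behind the "reducing reliance on memory" advice is whether a login form lets password managers and paste work, since blocking them forces users to recall and transcribe credentials by hand. The following audit is an added example, not part of the WCAG text; it scans constructed sample markup with a heuristic regex pass (not a full HTML parser) and reports fields that defeat autofill or paste.

```javascript
// Added example (not from the WCAG text): heuristic audit of login-form markup
// for patterns that force users to recall or transcribe credentials.
const CHECKS = [
  {
    id: 'autocomplete-off-on-password',
    // autocomplete="off" on a password field blocks browser/password-manager fill.
    test: (tag) => /type=["']?password/i.test(tag) && /autocomplete=["']?off/i.test(tag),
    message: 'Password field disables autofill; password managers cannot fill it.',
  },
  {
    id: 'paste-blocked',
    // An onpaste handler that cancels the event forces manual transcription.
    test: (tag) => /onpaste=["'][^"']*(return\s+false|preventDefault)/i.test(tag),
    message: 'Paste is blocked; users must transcribe the value by hand.',
  },
  {
    id: 'missing-credential-autocomplete-token',
    // Without username/current-password tokens, managers may not recognise the field.
    test: (tag) =>
      /type=["']?(password|email|text)/i.test(tag) &&
      /name=["']?(user|login|email|pass)/i.test(tag) &&
      !/autocomplete=["']?(username|current-password|email|one-time-code)/i.test(tag),
    message: 'Credential field lacks an autocomplete token (username / current-password).',
  },
];

// Returns one finding {id, message, tag} per failed check for every <input> in the markup.
function auditLoginForm(html) {
  const inputs = html.match(/<input\b[^>]*>/gi) || [];
  const findings = [];
  for (const tag of inputs) {
    for (const check of CHECKS) {
      if (check.test(tag)) findings.push({ id: check.id, message: check.message, tag });
    }
  }
  return findings;
}

// Constructed sample forms (not taken from any real site).
const FAILING_FORM = `
<form action="/login" method="post">
  <input type="text" name="username" onpaste="return false">
  <input type="password" name="password" autocomplete="off">
</form>`;
const PASSING_FORM = `
<form action="/login" method="post">
  <input type="text" name="username" autocomplete="username">
  <input type="password" name="password" autocomplete="current-password">
  <button type="button" id="passkey-login">Sign in with a security key or biometrics</button>
</form>`;

console.log(auditLoginForm(FAILING_FORM)); // four findings; PASSING_FORM yields none
```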
Exceptions:
- Essential Security Protocols: In cases where specific types of authentication are required for high-level security needs.
- Regulatory Compliance: When legal or regulatory frameworks dictate the use of certain authentication methods.
- Technological Constraints: Limitations in current technology that might prevent the implementation of certain accessible authentication methods.