WebAIM - Web Accessibility In Mind

E-mail List Archives

Re: Password Rules - Impact on Users with Cognitive Disabilities

for

From: Birkir R. Gunnarsson
Date: Oct 29, 2014 6:31AM

I think password hiding is important, so passwords should be hidden by default.
However it would be a great UX improvement to offer users the change
at seeing their passwords as they type then (provide a "see my
password as I type" button or checkbox next to the password field).
I have seen graphics depicting the password strength that are
populated as you type.
You could have bullets such as
"password is at least 8 characters" that could change shape /color/alt
text as the password reaches its desired length
Another for "password must have one non-alphanumeric character"
etc.
You, of course, are unable to test if password is one of users
previous passwords, but if these graphics can help the user realize
what conditions he has met and which are still left.
Also informative error messages can help here.
I have sometimes wanted to have something like this as a user, though
one must take care to make them accessible whilst not overly verbose.
I am not saying one has to do this, and not doing it would be a WCAG
violation. The relevant success criterion is 3.3.2 )labels or
instructions), or if these clues are given using color or graphics
they must meet 1.4.1/1.1.1.
But 3.3.2 S.C. does not require you to go to these lengths to help
users, it is just good user design.

Cheers
-Birkir


On 10/28/14, <EMAIL REMOVED> < <EMAIL REMOVED> > wrote:
> Thanks Jonathan and Mallory for your inputs.
>
> One more thought - WCAG 2.0 doesn't have any S.C that relates to how
> password rules should be set, WCAG guides more on the implementation side.
>
> Regards
> Pooja Nahata
>
>
>