E-mail List Archives
Re: Accessible authentication and "transcription"
From: Peter Bossley
Date: Oct 8, 2023 5:49PM
- Next message: Geethavani.Shamanna: "Re: Accessible authentication and "transcription""
- Previous message: Patrick H. Lauke: "Re: Accessible authentication and "transcription""
- Next message in Thread: Geethavani.Shamanna: "Re: Accessible authentication and "transcription""
- Previous message in Thread: Patrick H. Lauke: "Re: Accessible authentication and "transcription""
- View all messages in this Thread
Note that if the code is only valid for a short period of time e.g. 30 seconds like some TOTPs that might be too short to be a valid argument under the copy - paste theory. This is something that I've raised as something the working group should clarify.
-----Original Message-----
From: WebAIM-Forum < <EMAIL REMOVED> > On Behalf Of Patrick H. Lauke
Sent: Sunday, October 8, 2023 3:27 PM
To: <EMAIL REMOVED>
Subject: Re: [WebAIM] Accessible authentication and "transcription"
On 08/10/2023 20:19, Damon van Vessem wrote:
> Greetings,
>
> I have a question about 3.3.8 Accessible Authentication (AA), specifically
> about âtranscribingâ information. Letâs say a user is trying to sign in on
> their laptop and a 2-factor mechanism requires them to use one-time code
> received/generated on their phone. Is this an acceptable solution, since it
> requires them to type (transcribe?) the code on their laptop?
If they can only transcribe it manually, then that fails. There is some
gray area around the idea that they can potentially copy it on device,
then transfer it to their machine (for instance, emailing it over, or
with OS integrations that let you have a shared clipboard between devices).
P
--
Patrick H. Lauke
https://www.splintered.co.uk/ | https://github.com/patrickhlauke
https://flickr.com/photos/redux/ | https://www.deviantart.com/redux
https://mastodon.social/@patrick_h_lauke | skype: patrick_h_lauke
- Next message: Geethavani.Shamanna: "Re: Accessible authentication and "transcription""
- Previous message: Patrick H. Lauke: "Re: Accessible authentication and "transcription""
- Next message in Thread: Geethavani.Shamanna: "Re: Accessible authentication and "transcription""
- Previous message in Thread: Patrick H. Lauke: "Re: Accessible authentication and "transcription""
- View all messages in this Thread