E-mail List Archives
Thread: online accessibility and privacy
Number of posts in this thread: 13 (In chronological order)
From: Terzian, Sharon
Date: Thu, Feb 26 2015 2:48PM
Subject: online accessibility and privacy
No previous message | Next message →
Hi all, so I asked a question a few weeks ago about accessibility and privacy, things like passwords online (people with DD, how do you make it rememberable without putting their security at risk? what does JAWS and other screen readers tell you when you type in your password and what if someone else were in the room?)
This weekend I have to host a discussion in the PhD class about these and any other issues that you think are important, especially with a nod to identity theft and your privacy.
Please speak up and mention any issues/concerns that you and others that you may know with disabilities may have that are unique to the way they view the web.
Thank you very much!
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Don Mauck
Date: Thu, Feb 26 2015 3:04PM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
From a screen readers perspective, you hear something like "circle bullet," or *** (star, star ,star". This could be somewhat dependent upon the data dictionary and how it might be customized. For the most part, what you see in the password screen is probably what the screen reader will speak.
From: JAKE JOEHL
Date: Thu, Feb 26 2015 3:34PM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
Hi Sharon. I'm currently using VoiceOver on a MacBook Air, and it clicks as you type in your password. This clicking wasn't always that consistent under OS X Mavericks, but it seems to work better in Yosemite. I just enabled File Vault last week and had it encrypt my data. Now each time I boot up my Mac, I just wait about 15 seconds and then manually enable VoiceOver with Command-F5. Both Username and Password prompts are spoken, but when I input my username nothing is echoed with my settings set to Word Echo. I've not yet tried this method out with the other verbosity settings though. Then I press Enter and VO prompts me for my password.
When I input my password I get clicks, but they are slightly different. Then I just hit Enter again to log on, and if both fields are correct I get 3 medium-length beeps. If one or both of the fields is incorrect VoiceOver prompts me to re-enter the information. I deliberately got my credentials wrong a few times just to see what would happen, and VoiceOver does indeed read the prompts again. System Access beeps when entering passwords, and NVDA says "Star." Hope this is helpful. Anyone else on here please correct me if I'm wrong. I haven't used Windows now for a little while. I don't know what Window-Eyes does for passwords, and I think JFW still says "Star."
Jake
Please visit me at http://jazzyjj.dreamwidth.org .
On Feb 26, 2015, at 3:48 PM, Terzian, Sharon < = EMAIL ADDRESS REMOVED = > wrote:
Hi all, so I asked a question a few weeks ago about accessibility and privacy, things like passwords online (people with DD, how do you make it rememberable without putting their security at risk? what does JAWS and other screen readers tell you when you type in your password and what if someone else were in the room?)
This weekend I have to host a discussion in the PhD class about these and any other issues that you think are important, especially with a nod to identity theft and your privacy.
Please speak up and mention any issues/concerns that you and others that you may know with disabilities may have that are unique to the way they view the web.
Thank you very much!
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Terzian, Sharon
Date: Thu, Feb 26 2015 3:36PM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
Thanks, now do you have that set up so that it limits the number of times you can log in incorrectly? and if so, what does it do?
Just again thinking about security (and someone else trying to break in)
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: = EMAIL ADDRESS REMOVED = [ = EMAIL ADDRESS REMOVED = ] On Behalf Of JAKE JOEHL [ = EMAIL ADDRESS REMOVED = ]
Sent: Thursday, February 26, 2015 5:34 PM
To: WebAIM Discussion List
Subject: Re: [WebAIM] online accessibility and privacy
Hi Sharon. Im currently using VoiceOver on a MacBook Air, and it clicks as you type in your password. This clicking wasnt always that consistent under OS X Mavericks, but it seems to work better in Yosemite. I just enabled File Vault last week and had it encrypt my data. Now each time I boot up my Mac, I just wait about 15 seconds and then manually enable VoiceOver with Command-F5. Both Username and Password prompts are spoken, but when I input my username nothing is echoed with my settings set to Word Echo. Ive not yet tried this method out with the other verbosity settings though. Then I press Enter and VO prompts me for my password.
When I input my password I get clicks, but they are slightly different. Then I just hit Enter again to log on, and if both fields are correct I get 3 medium-length beeps. If one or both of the fields is incorrect VoiceOver prompts me to re-enter the information. I deliberately got my credentials wrong a few times just to see what would happen, and VoiceOver does indeed read the prompts again. System Access beeps when entering passwords, and NVDA says Star. Hope this is helpful. Anyone else on here please correct me if Im wrong. I havent used Windows now for a little while. I dont know what Window-Eyes does for passwords, and I think JFW still says Star."
Jake
Please visit me at http://jazzyjj.dreamwidth.org .
On Feb 26, 2015, at 3:48 PM, Terzian, Sharon < = EMAIL ADDRESS REMOVED = > wrote:
Hi all, so I asked a question a few weeks ago about accessibility and privacy, things like passwords online (people with DD, how do you make it rememberable without putting their security at risk? what does JAWS and other screen readers tell you when you type in your password and what if someone else were in the room?)
This weekend I have to host a discussion in the PhD class about these and any other issues that you think are important, especially with a nod to identity theft and your privacy.
Please speak up and mention any issues/concerns that you and others that you may know with disabilities may have that are unique to the way they view the web.
Thank you very much!
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Jim Allan
Date: Thu, Feb 26 2015 3:46PM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
the number of failed attempts to login is set by the system you are trying
to log into. It is not set by the user or the local computer.
On Thu, Feb 26, 2015 at 4:36 PM, Terzian, Sharon < = EMAIL ADDRESS REMOVED = > wrote:
> Thanks, now do you have that set up so that it limits the number of times
> you can log in incorrectly? and if so, what does it do?
>
> Just again thinking about security (and someone else trying to break in)
>
>
> Sharon Terzian
> Webmistress/Sherlock Center @ RIC
> Adjunct Professor/School of Management @ RIC
> http://www.sherlockcenter.org
> http://www.dubowitzsyndrome.net
> > From: = EMAIL ADDRESS REMOVED = [
> = EMAIL ADDRESS REMOVED = ] On Behalf Of JAKE JOEHL [
> = EMAIL ADDRESS REMOVED = ]
> Sent: Thursday, February 26, 2015 5:34 PM
> To: WebAIM Discussion List
> Subject: Re: [WebAIM] online accessibility and privacy
>
> Hi Sharon. I'm currently using VoiceOver on a MacBook Air, and it clicks
> as you type in your password. This clicking wasn't always that consistent
> under OS X Mavericks, but it seems to work better in Yosemite. I just
> enabled File Vault last week and had it encrypt my data. Now each time I
> boot up my Mac, I just wait about 15 seconds and then manually enable
> VoiceOver with Command-F5. Both Username and Password prompts are spoken,
> but when I input my username nothing is echoed with my settings set to Word
> Echo. I've not yet tried this method out with the other verbosity settings
> though. Then I press Enter and VO prompts me for my password.
> When I input my password I get clicks, but they are slightly different.
> Then I just hit Enter again to log on, and if both fields are correct I get
> 3 medium-length beeps. If one or both of the fields is incorrect VoiceOver
> prompts me to re-enter the information. I deliberately got my credentials
> wrong a few times just to see what would happen, and VoiceOver does indeed
> read the prompts again. System Access beeps when entering passwords, and
> NVDA says "Star." Hope this is helpful. Anyone else on here please correct
> me if I'm wrong. I haven't used Windows now for a little while. I don't
> know what Window-Eyes does for passwords, and I think JFW still says "Star."
> Jake
> Please visit me at http://jazzyjj.dreamwidth.org .
>
>
>
> On Feb 26, 2015, at 3:48 PM, Terzian, Sharon < = EMAIL ADDRESS REMOVED = > wrote:
>
> Hi all, so I asked a question a few weeks ago about accessibility and
> privacy, things like passwords online (people with DD, how do you make it
> rememberable without putting their security at risk? what does JAWS and
> other screen readers tell you when you type in your password and what if
> someone else were in the room?)
>
> This weekend I have to host a discussion in the PhD class about these and
> any other issues that you think are important, especially with a nod to
> identity theft and your privacy.
>
> Please speak up and mention any issues/concerns that you and others that
> you may know with disabilities may have that are unique to the way they
> view the web.
>
> Thank you very much!
>
>
> Sharon Terzian
> Webmistress/Sherlock Center @ RIC
> Adjunct Professor/School of Management @ RIC
> http://www.sherlockcenter.org
> http://www.dubowitzsyndrome.net
> >
> > > >
> > > > > > >
--
[image: http://www.tsbvi.edu] <http://www.tsbvi.edu>Jim Allan,
Accessibility Coordinator & Webmaster
Texas School for the Blind and Visually Impaired
1100 W. 45th St., Austin, Texas 78756
voice 512.206.9315 fax: 512.206.9264 http://www.tsbvi.edu/
"We shape our tools and thereafter our tools shape us." McLuhan, 1964
From: Terzian, Sharon
Date: Fri, Feb 27 2015 4:56AM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
Hi, another question (and thank you for answering and indulging me)
Do any of you have concerns about your privacy or information being 'out there', or feeling less secure because of any extra features or software that you use?
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Birkir R. Gunnarsson
Date: Fri, Feb 27 2015 6:51AM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
A couple of thoughts (all I can muster on a Friday morning before coffee):
This does not so much relate to computers, but more to any ATMs or
self-service terminals, to some degree to phones perhaps. Any system
designed for customer interaction with added speech must offer
headphone jacks. I ahve heard of older talking ATMs that would not
offer this, you really do not want the world to see your transactions,
especially financial ones.
Thumbs up for the iPhone screen curtain, you want to make sure that if
you conduct any transactions on your phone, that the world does not
get a glimpse of your screen. When you type using a software braille
keyboard you turn the phone display away from you (if not on a
tabletop), and therefore this is important. I do not think Android
still offers this, which is a drawback.
Some countries and system offer external security keys (devices taht
generate unique codes which you must use every time you log in).
Frequently these systems come with no speech options. It is important
that this be changed, either by creating units with speech, or offer
alternatives such as generating codes and sending as text to
registered phone numbers or email addresses.
web accessibility concerns in the field are not so much directly
related to security but more about exclusions.
CAPTCHAs need to be designed to offer alternative to images.
Frequently any pattern that matches SSNs, credit card numbers or other
sensitive data is obfiscated on screens, we need to make sure that you
can unhide it using the keyboard, not only with the mouse.
Some sites offer password strength indicators to help users create
safe or strong passwords. These are usually graphical bars that fill
in as user adds more security, or star graphics that indicate strength
of password.
It is important that this info be made accessible.
Security is important, but it must be implemented in such a way as to
not exclude users with disabilities.
On 2/27/15, Terzian, Sharon < = EMAIL ADDRESS REMOVED = > wrote:
> Hi, another question (and thank you for answering and indulging me)
>
> Do any of you have concerns about your privacy or information being 'out
> there', or feeling less secure because of any extra features or software
> that you use?
>
>
>
> Sharon Terzian
> Webmistress/Sherlock Center @ RIC
> Adjunct Professor/School of Management @ RIC
> http://www.sherlockcenter.org
> http://www.dubowitzsyndrome.net
> > > > >
--
Work hard. Have fun. Make history.
From: deborah.kaplan
Date: Fri, Feb 27 2015 7:11AM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
Birkir R. Gunnarsson wrote:
> web accessibility concerns in the field are not so much directly related to security but more about exclusions.
I think I mentioned this on list last time the question came up,
but password or passphrase-based authentication can be a real
problem for people who use alternative input methods, especially
voice. It is impossible to dictate a password securely in the
presence of other people.
I've tried various workarounds, but all of them have other
security implications. Insecure passwords can be stored in voice
or button macros, but that means that the macro file is
vulnerable. Where the software allows fingerprint-based input, an
individual who has sufficient use of their hands to control a
fingerprint can use that as an alternative, but (1) many people
who can't use keyboards or touchscreens also can't use
fingerprint sensors, and (2) that has legal implications, as the
US courts have maintained that you cannot be forced to input a
password into a device, but you can be forced to unlock by
fingerprint.
The difficulty of entering passwords, passphrases, and security
codes via alternative input methods also means that people who
can't type are less likely to use two factor authentication, thus
making all of their accounts more vulnerable to hacks.
And of course, many of the exclusions that Birkir mentioned for
blind/VI users are also problems for people who use alternative
input methods. If you can't control ATM buttons, how can you type
in your PIN without giving it to somebody else? Any kind of
password/passcode authentication can be much more difficult for
people with limited or no hand control.
As an aside, I'm no expert on cognitive disability, but I would
assume that the current ways we handle password failures,
lockouts, unclear and underspecified character requirements for
new passwords, password expiration, and two factor authentication
are massive cognitive blockers for a lot of people.
Deborah Kaplan
From: Terzian, Sharon
Date: Fri, Feb 27 2015 10:29AM
Subject: Re: online accessibility and privacy
← Previous message | Next message →
Thank you again for your responses, and yes, as a parent of a (now) young lady with cognitive disabilities, it's difficult to select a reasonably 'secure' password for her that she can remember, though we've moved off her last name (not the same as mine so don't get any ideas LOL) and on to pets with
some number combos, I don't (for her, but even for me at time) like an automatic save, but in some cases, it's just necessary for her...
My bank can save my login info, which is a 16 digit ATM card, now my ATM card has changed a few times over the years and I have no idea how I can remember that one!
I also use a password protected file in Excel to store all my passwords. Being a web mistress and online for all kinds of things, that aren't necessarily mine, I needed a 'safer' place to keep stuff, especially when I didn't choose the password (or since I have so many, just can't remember which one is where).
In most of the recent cases of hacking online, it wouldn't have mattered how secure your password were, it was the company (Home Depot, Sony, etc) security that failed.
Is there anything you'd else you'd like to bring up or would like to see addressed as I move forward with this discussion in my group (they are all in either the cyber security or digital forensics programs at URI)? These people do more of this for a living than I do and I'd
like to see something helpful come out of the discussions we are having.
Once again, thank you all for your time and input.
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Terzian, Sharon
Date: Sun, Mar 01 2015 10:48AM
Subject: Re: online accessibility and privacy - biometrics
← Previous message | Next message →
Hello again,
how do you feel about the biometric advances (iris readers, fingerprint scanners) in terms of your security
thanks!!
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: Jonathan Avila
Date: Sun, Mar 01 2015 12:20PM
Subject: Re: online accessibility and privacy - biometrics
← Previous message | Next message →
> how do you feel about the biometric advances (iris readers, fingerprint scanners) in terms of your security
The fact that some people don't have irises or fingerprints, etc. is the biggest challenge. As for security goes these techniques could be good for some people with disabilities that have these characteristics because they would be easier than entering or remembering a password. I definitely like the finger print reader on my iPhone but I can use that feature while other's can't. Also, other techniques that rely on eye scans or are affected by eye movement may be difficult for people that have nystagmus even if we do have irises.
Jonathan
--
Jonathan Avila
Chief Accessibility Officer
SSB BART Group
= EMAIL ADDRESS REMOVED =
703-637-8957 (o)
Follow us: Facebook | Twitter | LinkedIn | Blog | Newsletter
From: Whitney Quesenbery
Date: Mon, Mar 02 2015 9:42AM
Subject: Re: online accessibility and privacy - biometrics
← Previous message | Next message →
The key is options... As with so much.
I love that my Android phone offers me choices and and I like being able to
change them to meet the context.
The notion that even one person will only work in one way all the time
seems silly.
On 2:21PM, Sun, Mar 1, 2015 Jonathan Avila < = EMAIL ADDRESS REMOVED = >
wrote:
> > how do you feel about the biometric advances (iris readers, fingerprint
> scanners) in terms of your security
>
> The fact that some people don't have irises or fingerprints, etc. is the
> biggest challenge. As for security goes these techniques could be good for
> some people with disabilities that have these characteristics because they
> would be easier than entering or remembering a password. I definitely like
> the finger print reader on my iPhone but I can use that feature while
> other's can't. Also, other techniques that rely on eye scans or are
> affected by eye movement may be difficult for people that have nystagmus
> even if we do have irises.
>
> Jonathan
>
> --
> Jonathan Avila
> Chief Accessibility Officer
> SSB BART Group
> = EMAIL ADDRESS REMOVED =
>
> 703-637-8957 (o)
> Follow us: Facebook | Twitter | LinkedIn | Blog | Newsletter
>
>
>
From: Terzian, Sharon
Date: Tue, Mar 03 2015 3:45AM
Subject: Re: online accessibility and privacy
← Previous message | No next message
Thanks again
Is there anything else you find helpful or would like me to bring up?
As I usually find, this group, like so many others, NEVER thought about any barriers for people with disabilitie before, I hope if nothing else, I've raised some awareness as this group will eventually be out in the world working in this field (there are only about 40 of them, but it's a start!)
Sharon Terzian
Webmistress/Sherlock Center @ RIC
Adjunct Professor/School of Management @ RIC
http://www.sherlockcenter.org
http://www.dubowitzsyndrome.net
From: = EMAIL ADDRESS REMOVED = [ = EMAIL ADDRESS REMOVED = ] On Behalf Of Jonathan Avila [ = EMAIL ADDRESS REMOVED = ]
Sent: Sunday, March 01, 2015 2:20 PM
To: WebAIM Discussion List
Subject: Re: [WebAIM] online accessibility and privacy - biometrics
> how do you feel about the biometric advances (iris readers, fingerprint scanners) in terms of your security
The fact that some people don't have irises or fingerprints, etc. is the biggest challenge. As for security goes these techniques could be good for some people with disabilities that have these characteristics because they would be easier than entering or remembering a password. I definitely like the finger print reader on my iPhone but I can use that feature while other's can't. Also, other techniques that rely on eye scans or are affected by eye movement may be difficult for people that have nystagmus even if we do have irises.
Jonathan
--
Jonathan Avila
Chief Accessibility Officer
SSB BART Group
= EMAIL ADDRESS REMOVED =
703-637-8957 (o)
Follow us: Facebook | Twitter | LinkedIn | Blog | Newsletter