Initial commit

3-understandable/3.3.9-accessible-authentication-enhanced.md

@@ -0,0 +1,41 @@
+[Back to 3 Understandable index](index.md)
+
+# 3.3.9 Accessible Authentication (Enhanced)
+
+- Level: AAA
+- Guideline: 3.3 Input Assistance
+- Principle: 3 Understandable
+
+## What it is
+
+A cognitive function test (such as remembering a password or solving a puzzle) is not required for any step in an authentication process unless that step provides at least one of the following:
+
+- **Alternative:** Another authentication method that does not rely on a cognitive function test.
+- **Mechanism:** A mechanism is available to assist the user in completing the cognitive function test.
+
+## How to test
+
+- Check: Another authentication method that does not rely on a cognitive function test.
+- Check: A mechanism is available to assist the user in completing the cognitive function test.
+- Use the sufficient techniques below as acceptable methods when applicable.
+- Confirm none of the common failures apply.
+
+## Sufficient techniques (W3C)
+
+- G218: Email link authentication
+- H100: Providing properly marked up email and password inputs
+- Providing WebAuthn as an alternative to username/password (Potential future technique)
+- Providing a third-party login using OAuth (Potential future technique)
+- Using two techniques to provide two-factor authentication (Potential future technique)
+
+## Common failures (W3C)
+
+- F109: Failure of Success Criterion 3.3.8 and 3.3.9 due to preventing password or code re-entry in the same format
+
+## Resources
+
+- WCAG 2.2 SC: https://www.w3.org/TR/WCAG22/#accessible-authentication-enhanced
+- Understanding: https://www.w3.org/WAI/WCAG22/Understanding/accessible-authentication-enhanced.html
+- Quick reference: https://www.w3.org/WAI/WCAG22/quickref/?versions=2.2#accessible-authentication-enhanced
+
+[Back to 3 Understandable index](index.md)