[Back to 2 Operable index](index.html)

# 2.2.5 Re-authenticating

- Level: AAA
- Guideline: 2.2 Enough Time
- Principle: 2 Operable

## What it is

When an authenticated session expires, the user can continue the activity without loss of data after re-authenticating.

## How to test

- Check: When an authenticated session expires, the user can continue the activity without loss of data after re-authenticating.
- Use the sufficient techniques below as acceptable methods when applicable.
- Confirm none of the common failures apply.

## Sufficient techniques (W3C)

- G105: Saving data so that it can be used after a user re-authenticates
- G181: Encoding user data as hidden or encrypted data in a re-authorization page

## Common failures (W3C)

- F12: Failure of Success Criterion 2.2.5 due to having a session time limit without a mechanism for saving user's input and re-establishing that information upon re-authentication

## Resources

- WCAG 2.2 SC: https://www.w3.org/TR/WCAG22/#re-authenticating
- Understanding: https://www.w3.org/WAI/WCAG22/Understanding/re-authenticating.html
- Quick reference: https://www.w3.org/WAI/WCAG22/quickref/?versions=2.2#re-authenticating

[Back to 2 Operable index](index.html)