Rule: Accessible Authorization (Minimum)

Rule ID Authorization 1
Conformance Required
Definition A cognitive function test (such as remembering a password or solving a puzzle) is not required for any step in an authentication process unless that step provides at least one of four ways of completing the test.
  • People with cognitive issues relating to memory, reading (for example, dyslexia), numbers (for example, dyscalculia), or perception-processing limitations will be able to authenticate irrespective of the level of their cognitive abilities.
Conformance Required
WCAG Success Criteria

Success Criterion 3.3.8 Accessible Authentication (Minimum)

Rule Category Forms
Rule Scope Page
  • Email link authentication
  • Providing properly marked up email and password inputs
  • Providing WebAuthn as an alternative to username/password
  • Providing a 3rd party login using OAuth
  • Using two techniques to provide 2 factor authentication
Information Links