Avoid Requiring Cognitive Function Tests for Authentication
Authentication processes must not rely on a cognitive function test. (Note: This proposed AAA guideline removes the exceptions/alternatives allowed at Level AA in 2.2.7/2.2.8).
Why It Matters
This proposed highest level aims to eliminate cognitive function tests (like password recall, transcription, puzzle-solving) from authentication entirely, providing the most accessible login experience for users with cognitive disabilities.
Fixing the Issue
Implement authentication methods that do not require users to remember, transcribe, or solve problems. Rely solely on methods like:
- Third-party login providers (OAuth).
- WebAuthn / FIDO2 (biometrics, security keys).
- Email link authentication (“magic links”).
- Potentially other emerging passwordless methods.

Avoid traditional password fields and CAPTCHAs altogether if aiming for this level.
Good Code Example
Login relying only on passwordless methods:
```html
<h2>Login / Register</h2>

<button onclick="loginWithGoogle()">Login with Google</button>
<button onclick="loginWithSecurityKey()">Use Security Key</button>

<hr>

<label for="email-magic">Or get a login link sent to your email:</label>
<input type="email" id="email-magic" name="email" autocomplete="email">
<button onclick="sendMagicLink()">Send Link</button>

<script>
  function loginWithGoogle() { /* OAuth flow */ }
  function loginWithSecurityKey() { /* WebAuthn flow */ }
  function sendMagicLink() { /* Send email link */ }
</script>
```
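The `sendMagicLink()` stub above leaves the server side open. As an added example (not code from the original page), here is one way to issue and redeem the emailed token in Node.js so that the link is random, short-lived and single-use; the function names, the in-memory `Map`, the 10-minute lifetime and the `app.example` URL are assumptions.

```javascript
// Added example: server-side handling for the email login link (Node.js).
// issueMagicLink, redeemMagicLink, the Map store and the URL are assumptions.
const crypto = require('node:crypto');

const TOKEN_TTL_MS = 10 * 60 * 1000;  // assumed lifetime: 10 minutes
const pending = new Map();            // sha256(token) hex -> { email, expiresAt }

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Create a login link for `email`. Only the token's hash is stored, so a
// leaked store does not yield usable links.
function issueMagicLink(email, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('base64url'); // 256-bit CSPRNG token
  pending.set(sha256(token), { email, expiresAt: now + TOKEN_TTL_MS });
  // Placeholder origin; the token travels in the query string of an HTTPS URL.
  return `https://app.example/login/verify?token=${token}`;
}

// Redeem the token from a clicked link. Returns the email on success, else null.
// The entry is deleted before the expiry check, so every token is single-use
// whether or not it was still valid.
function redeemMagicLink(token, now = Date.now()) {
  if (typeof token !== 'string' || token.length > 128) return null;
  const key = sha256(token);
  const entry = pending.get(key);
  if (!entry) return null;
  pending.delete(key);
  return now <= entry.expiresAt ? entry.email : null;
}
```

In production the `Map` would be a shared store with its own expiry, and the issuing endpoint would be rate-limited per address.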
Bad Code Example
Any login form requiring a password or CAPTCHA: