Add security mention to Timing Adjustable and tweak Re-Authentication (#4382)

* adds mention of security exceptions such as two-factor/MFA tokens
(under "essential") for timing adjustable
* tweaks examples in re-authentication (they appear to violate timing
adjustable at the moment) and cross-reference to timing adjustable

bonus:

* removes excessive whitespace (spaces, tabs, empty lines) from the two
understanding docs
* replaces a `<p><strong>...</strong></p>` with actual heading markup
* replaces "spasticity" - while medically accurate, this ... just looks
off
* removes the "quiz" example from re-authenticating understanding, as it
was debatable if expecting the user to manually save (rather than
automatically saving) actually satisfies the SC

closes #1424
closes #3290

Diff previews for Understanding [Timing
Adjustable](https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fwww.w3.org%2FWAI%2FWCAG22%2FUnderstanding%2Ftiming-adjustable&doc2=https%3A%2F%2Fdeploy-preview-4382--wcag2.netlify.app%2Funderstanding%2Ftiming-adjustable)
and
[Re-Authentication](https://services.w3.org/htmldiff?doc1=https://www.w3.org/WAI/WCAG22/Understanding/re-authenticating.html&doc2=https://deploy-preview-4382--wcag2.netlify.app/understanding/re-authenticating)

---------

Co-authored-by: Dan Bjorge <[email protected]>
Co-authored-by: Kenneth G. Franqueiro <[email protected]>
Co-authored-by: Mike Gower <[email protected]>

Author: 4 people

understanding/20/re-authenticating.html

@@ -7,73 +7,68 @@
 </head>
 <body>
    <h1>Understanding Re-authenticating</h1>
-   
+
    <section id="brief">
       <h2>In brief</h2>
       <dl>
          <dt>Goal</dt><dd>Users do not lose information or context due to reauthentication.</dd>
          <dt>What to do</dt><dd>Preserve users' prior activity and data through reauthentication.</dd>
-         <dt>Why it's important</dt><dd>Some people may require additional time to complete an activity.</dd> 
+         <dt>Why it's important</dt><dd>Some people may require additional time to complete an activity.</dd>
       </dl>
 
    </section>
-   
+
    <section id="intent">
       <h2>Intent of Re-authenticating</h2>
-      
-      
+
       <p>The intent of this success criterion is to allow all users to complete authenticated
          transactions that have inactivity time limits or other circumstances that would cause
          a user to be logged out while in the midst of completing the transaction.
       </p>
-      
       <p>For security reasons, many sites implement an authentication time limit after a certain
          period of inactivity. These time limits may cause problems for persons with disabilities
-         because it may take longer for them to complete the activity. 
+         because it may take longer for them to complete the activity.
       </p>
-      
       <p>Other sites will log a person out of a session if a person logs in on the website
          from another computer or if other activities arise that make the site suspicious of
          whether the person is still the same legitimate person who logged in originally. When
          users are logged out while still in the midst of a transaction - it is important that
          they be given the ability to re-authenticate and continue with the transaction without
          the loss of any data already entered.
-         
       </p>
-      
-      
+      <p class="note">Sites that implement session time limits and re-authentication requests are
+         still subject to the requirements of other criteria, such as
+         <a href="timing-adjustable">2.2.1 Timing Adjustable</a>.
+      </p>
    </section>
+
    <section id="benefits">
       <h2>Benefits of Re-authenticating</h2>
-      
-      
+
       <ul>
-         
          <li>This success criterion benefits people who may require additional time to complete
             an activity. People with cognitive limitations may read slowly and require additional
             time to read and respond to a questionnaire. Users interacting via a screen reader
-            may need extra time to navigate and complete a complicated form. 
+            may need extra time to navigate and complete a complicated form.
             A person with motor impairments or who navigates with an alternative input device
             may require additional time to navigate through or complete input within a form.
          </li>
-         
          <li>In circumstances where a sign-language interpreter may be relating audio content to
             a user who is deaf, control over time limits is also important.
          </li>
-         
       </ul>
-      
    </section>
-   
+
    <section id="examples">
       <h2>Examples of Re-authenticating</h2>
-      
+
       <dl>
          <dt>A shopping site checkout</dt>
-         <dd>A user with extremely limited use of the hands is logged into a shopping site. It
-               takes so long to enter credit card information into the application that a time limit
-               occurs while the user is performing the checkout process. When the user returns to
-               the checkout process and submits the form, the site returns a login screen to re-authenticate.
+         <dd>A user is logged into a shopping site. While in the middle of the checkout process, the user
+               is interrupted and has to leave their computer. While they are away, the site prompts the user
+               that the process is about to time out, and offers the ability to extend the timeout – but with
+               the user away, the timeout is not extended and the user is logged out. When the user returns to
+               the computer, they have to re-authenticate.
                After the user logs in, the check out process is restored with the same information
                and at the same stage. The user did not lose any data because the server had temporarily
                accepted and stored the submission even though the session had timed out and restored
@@ -83,22 +78,11 @@ <h2>Examples of Re-authenticating</h2>
                the user several minutes before the time-out occurs and provides a link to open a
                new window in order to re-authenticate. The original window with the in-progress email
                remains intact and, after re-authentication, the user may send that data.</dd>
-         <dt>A questionnaire with a time limit</dt>
-         <dd>A long questionnaire provided within a single web page has information at the beginning
-               that indicates that the session will time out after 15 minutes. The user is also informed
-               that the questionnaire can be saved at any point and completed at a later time. Within
-               the web page there are several buttons provided to save the partially completed form.
-               In addition, with JavaScript in the list of accessibility-supported content technologies
-               that are relied upon, the user can elect to be alerted via a pop-up if the session
-               is close to timing out.</dd>
       </dl>
-      
    </section>
-   
+
    <section id="resources">
       <h2>Resources for Re-authenticating</h2>
-      
-      
    </section>
 
    {% # Data for associated techniques is defined in understanding/understanding.11tydata.js %}

understanding/20/timing-adjustable.html

@@ -7,7 +7,7 @@
 </head>
 <body>
    <h1>Understanding Timing Adjustable</h1>
-   
+
    <section id="brief">
 		<h2>In brief</h2>
 		<dl>
@@ -17,11 +17,10 @@ <h2>In brief</h2>
       </dl>
 
    </section>
-   
+
    <section id="intent">
       <h2>Intent of Timing Adjustable</h2>
-      
-      
+
       <p>The intent of this success criterion is to ensure that users with disabilities are
          given adequate time to interact with web content whenever possible. People with disabilities
          such as blindness, low vision, dexterity impairments, and cognitive limitations may
@@ -34,59 +33,55 @@ <h2>Intent of Timing Adjustable</h2>
          limit occurs helps those users who require more time than expected to successfully
          complete tasks. These options are listed in the order that will be most helpful for
          the user. Disabling time limits is better than customizing the length of time limits,
-         which is better than requesting more time before a time limit occurs. 
+         which is better than requesting more time before a time limit occurs.
       </p>
-      
+
       <p>Any process that happens without user initiation after a set time or on a periodic
          basis is a time limit. This includes partial or full updates of content (for example,
          page refresh), changes to content, or the expiration of a window of opportunity for
-         a user to react to a request for input. 
+         a user to react to a request for input.
       </p>
-      
+
       <p>It also includes content that is advancing or updating at a rate beyond the user's ability to read and/or understand it. In other words, animated, moving or scrolling content introduces a time limit on a users ability to read content.</p>
 
       <p>This success criterion is generally not applicable when the content repeats or is synchronized with other content, so long as the information and data is adjustable or otherwise under the control of the end user.  Examples of time limits for which this success criterion is not applicable include scrolling text that repeats, captioning, and <a href="https://www.w3.org/WAI/tutorials/carousels/">carousels</a>.  These are situations which do include time limits, but the content is still available to the user because it has controls for accessing it, as specified in <a href="../../guidelines/sc/20/pause-stop-hide.html">2.2.2 Pause, Stop, Hide</a>.</p>
 
       <p>In some cases, however, it is not possible to change the time limit (for example, for an auction or other real-time event) and exceptions are therefore provided for those cases.</p>
-      
+
       <p>Content that operates on a timer does not need to be time adjustable if there is an alternative that does not rely on a timer. For example, a web application such as an email client provides notification of new email arriving with a temporary message (such as a 'toast' message) in the lower right-hand side of the interface, and the message disappears after 5 seconds. Users are able to identify the arrival of email through other means, such as viewing the Inbox, so the disappearance of the message does not set a time limit on the their ability to determine if new mail has arrived. If the user has no other means of discovering the same information (or performing the same function), then each message would need to meet this success criterion in order to provide users with sufficient time to access the information.</p>
 
-      <p>
-         						   
-         <strong>Notes regarding server time limits</strong>
-         					
-      </p>
-      
+      <h3>Notes regarding time limits</h3>
+
       <ul>
-         
          <li>Timed server redirects can be found below under Common Failures.</li>
-         
          <li>Non-timed server redirects (e.g., 3xx response codes) are not applicable because there
             is no time limit: they work instantly.
          </li>
-         
          <li>This success criterion applies only to time limits that are set by the content itself.
             For example, if a time limit is included in order to address security concerns, it
             would be considered to have been set by the content because it  is designed to be
             part of the presentation and interaction experience for that content. Time limits
             set externally to content, such as by the user agent or by factors intrinsic to the
             Internet are not under the author's control and not subject to WCAG conformance requirements.
             Time limits set by web servers should be under the author's/organization's control
-            and are covered. (Success Criteria 
-            <a href="no-timing" class="guideline">2.2.3</a>, 
-            <a href="interruptions" class="guideline">2.2.4</a> and 
-            <a href="re-authenticating" class="guideline">2.2.5</a> may also apply.)
+            and are covered. Success Criteria
+            <a href="no-timing" class="guideline">2.2.3 No Timing</a>,
+            <a href="interruptions" class="guideline">2.2.4 Interruptions</a>, and
+            <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.
          </li>
-         
+         <li>Certain time limits implemented for security reasons, such as time-based / time-limited
+            two-factor authentication tokens, can be considered <em>essential</em>, and may be
+            exempt from this criterion. However, other criteria may apply, such as
+            <a href="redundant-entry">3.3.7 Redundant Entry</a>,
+            <a href="accessible-authentication-minimum">3.3.8 Accessible Authentication (Minimum)</a>, and
+            <a href="accessible-authentication-enhanced">3.3.9 Accessible Authentication (Enhanced)</a> may also apply.</li>
          <li>Ten times the default was chosen based on clinical experience and other guidelines.
             For example, if 15 seconds is allowed for a user to respond and hit a switch, 150
             seconds would be sufficient to allow almost all users to hit a switch even if they
             had trouble.
-            
          </li>
-         
          <li>20 seconds was also based on clinical experience and other guidelines. 20 seconds
-            to hit 'any switch' is sufficient for almost all users including those with spasticity.
+            to hit 'any switch' is sufficient for almost all users including those with reduced motion.
             Some would fail, but some would fail all lengths of time. A reasonable period for
             requesting more time is required since an arbitrarily long time can provide security
             risks to all users, including those with disabilities, for some applications. For
@@ -100,33 +95,21 @@ <h2>Intent of Timing Adjustable</h2>
             key," 20 seconds would meet this. If the person indicates that they are still present,
             the device should return the user to the exact condition that existed before it asked
             the question.
-            
-         </li>
-         
-         <li>20 hours was chosen as an upper limit because it is longer than a full waking day.
-            
          </li>
-         
+         <li>20 hours was chosen as an upper limit because it is longer than a full waking day.</li>
       </ul>
-      
+
       <p>In cases where timing is not an intrinsic requirement but giving users control over
          timed events would invalidate the outcome, a third party can control the time limits
-         for the user (for example, granting double time on a test). 
-         
-      </p>
-      
-      <p>See also 
-         <a href="no-timing">2.2.3: No Timing</a>.
-      </p>
-      
-      
+         for the user (for example, granting double time on a test).</p>
+
+      <p>See also <a href="no-timing">2.2.3: No Timing</a>.</p>
+
    </section>
    <section id="benefits">
       <h2>Benefits of Timing Adjustable</h2>
-      
-      
+
       <ul>
-         
          <li>People with physical disabilities often need more time to react, to type and to complete
             activities.  People with low vision need more time to locate things on screen and
             to read.   People who are blind and using screen readers may need more time to understand
@@ -135,77 +118,59 @@ <h2>Benefits of Timing Adjustable</h2>
             deaf and communicate in sign language may need more time to read information printed
             in text (which may be a second language for some).
          </li>
-         
          <li>In circumstances where a sign-language interpreter may be relating audio content to
             a user who is deaf, control over time limits is also important.
          </li>
-         
          <li>People with reading disabilities, cognitive limitations, and learning disabilities
             who may need more time to read or comprehend information can have additional time
             to read the information by pausing the content.
          </li>
-         
       </ul>
-      
    </section>
-   
+
    <section id="examples">
       <h2>Examples of Timing Adjustable</h2>
-      
-      
+
       <ul>
-         
          <li>A website uses a client side time limit to help protect users who may step away from
             their computer.   After a period of inactivity the web page asks if the user needs
-            more time.  If it doesn't get a response – it times out. 
+            more time.  If it doesn't get a response – it times out.
          </li>
-         
          <li>A web page has a field that automatically updates with the latest headlines in a rotating
             fashion. There is an interactive control that allows the user to extend the length
             of time between each update to as much as ten times the default. The control can be
-            operated with either a mouse or a keyboard. 
-            
+            operated with either a mouse or a keyboard.
          </li>
-         
          <li>A web page includes an animation which includes text that appears and disappears throughout.
             In some cases, the text is scrolling across the screen and in others, it is only displayed
             for a short time before it fades into the background. The page includes a pause button
             so that users who have trouble reading the text before it disappears can read it.
          </li>
-         
          <li>In an auction, there is a time limit on the amount of time a user has to submit a
             bid. Since the time limit applies to all users who want to bid on a particular item,
             it would be unfair to extend the time limit for any one particular user. Therefore,
             a time limit is required for this type of activity and no extension, adjustment, or
             deactivation of the time limit is required by this success criterion.
-            
          </li>
-         
          <li>An on-line ticket-purchasing site gives the user two minutes to confirm a purchase
             before the seats are returned to the general pool. Because tickets on such sites can
             sell out quickly, holding a ticket longer than that may invalidate the nature of the
             site, so this is a case in which the timing is essential and cannot be extended without
             invalidating the activity. However, the site does move as much of the process out
             of the time-critical period as possible, for instance allowing users to provide necessary
             information like name, payment method, etc., before entering the time-critical stage.
-            
          </li>
-         
          <li>A ticket-purchasing site allows the user two minutes to confirm purchase of selected
             seats, but warns the user when their time is almost out and allows the user to extend
             this time limit some number of times with a simple action such as clicking a "Extend
             time limit" button.
-            
          </li>
-         
       </ul>
-      
+
    </section>
-   
+
    <section id="resources">
       <h2>Resources for Timing Adjustable</h2>
-      
-      
    </section>
 
    {% # Data for associated techniques is defined in understanding/understanding.11tydata.js %}