Re-authenticating

About

Version:	WCAG 2.0 and up
Number:	2.2.5
Level:	AAA
Applicability:	Authenticated Sessions
Requirement:	When an authenticated session expires, the user can continue the activity without loss of data after re-authenticating.
Guidance:	Understanding Success Criterion 2.2.5 How to meet Success Criterion 2.2.5
Techniques:	G105: Saving data so that it can be used after a user re-authenticates G181: Encoding user data as hidden or encrypted data in a re-authorization page

Purpose

The purpose of this success criterion is to ensure that users who require extra time to complete tasks are not logged out in the middle of an authenticated session (e.g., from an educational application) before they can complete their work.

How to Meet

Although uncommon for a digital publication to implement an authenticated session (i.e., where the must log in), if authors do implement such sessions, they need to ensure that users can re-authenticate without losing any work they have completed or data they have input.

Additional Information

The following knowledge base pages provide more information about how to address this success criterion for publishing content:

Timers