Technique H100:Providing properly marked up email and password inputs

Applicability

Content structured in HTML.

This technique relates to:

3.3.8: Accessible Authentication (Minimum) (Sufficient)
3.3.9: Accessible Authentication (Enhanced) (Sufficient)

Description

The objective of this technique is to provide examples of properly marked up email and password inputs. This technique involves providing form mechanism where the user can enter their email address and password to log into the website.

Browsers and password managers generally use the accessible name of the input to determine how to fill it in. The user agent (including password managers) should not be blocked from populating the fields, and pasting by the user should also not be blocked.

Examples

Example 1: properly marked up email and password inputs

A secure website has an email and password based login form.


<form method="post" action="login">
 <div>
   <label for="email">Email</label>
   <input id="email" type="email" autocomplete="email" ... >
  </div>
  <div>
    <label for="password">Password</label>
    <input id="password" type="password" autocomplete="current-password" ... >
  </div>
    <input type="submit" value="Login" >
  </div>
</form>

Other sources

No endorsement implied.

Bureau of Internet Accessibility: How To Make Your Website's Authentication Process Accessible

Tests

Procedure

For websites which require users to login with an email and password only:

Check that each input for authentication includes an appropriate accessible-name.
Check that each input for authentication allows pasting.

Expected Results

#1 and #2 are true.