Learn how to advocate for more inclusive user experience in web forms that addresses security concerns without sacrificing accessibility and usability.
For most companies and organizations, digital accessibility implementation is an uphill battle. While desire for inclusive design and customer satisfaction can be helpful motivators, reducing legal risk is often a primary driver. When adding cybersecurity into the mix, however, this can become a risk management battle, and one where cybersecurity usually wins—leaving accessibility and inclusive design behind.
While laws and research-based standards can certainly help provide goalposts for achieving sufficient cybersecurity, they fall short when distinguishing between security theater and true cybersecurity. What are the real risks involved, and what is just for show?
When dealing with form fields, many of the front-end security techniques focus on protection from shoulder surfing and targeted authentication hacking. But oftentimes, these techniques ignore the impact certain experiences have on disabled users. Keeping sensitive data protected is important for all users—including those who are disabled. However, accessibility and usability need to be considered in tandem with security concerns rather than as an afterthought.
In order to ensure accessible, secure, and accurate entry of sensitive data, I will propose a research-based solution that combines the show/hide input masking feature, allows autocomplete for form fields of sensitive data, and provides adequate labels, instructions, and error suggestion and prevention. However, I will also call for further innovation in the space and continued diligence in improving the accessible UX design for forms without sacrificing security.
- Examine different security techniques being used
- Examine impact of security techniques on people with disabilities
- Examine techniques that offer security and accessibility benefits