Closed mikeash82 closed 4 years ago
I think this is covered by #30, #103 and #104. Do you think we should add our comments to those issues?
In relation to this, we have received a DAC report stating that we should be warning the user BEFORE this pattern even appears, that there is a timeout feature in place, potentially at the start of a service. Is this something that has been implemented elsewhere? Worth noting that this is a AAA standard, so classed as "low" priority, but none the less a becoming a more common comment in DAC reports.
In relation to this, we have received a DAC report stating that we should be warning the user BEFORE this pattern even appears, that there is a timeout feature in place, potentially at the start of a service. Is this something that has been implemented elsewhere? Worth noting that this is a AAA standard, so classed as "low" priority, but none the less a becoming a more common comment in DAC reports.
I'd be cautious about this - something to test. I've heard several times from other services that putting mention of things like this up front concerns / scares users. They frequently misunderstand the meaning of timeout - and for a 30 minute timeout think they'll have a limit of 30 minutes to complete their application rather than them needing to have 30 minutes of inactivity and have unlimited time overall.
Timeouts depend heavily on the service - for many services you can fill them in quickly and will rarely encounter the timeout - for these services, warning up front may unduly concern users where they wouldn't otherwise worry.
For services where you're more likely to encounter the timeout it's more important to talk about what information you might need up front and for the service team to consider how users might recover / continue their application (accounts, save & return, codes and whatnot).
I'm happy to see the phrase "Ultimately the timeout will be for services to decide. I expect our guidance to be that it shouldn't be less than 15 minutes, ideally 30 minutes or more. ".
What would happen if we acted on that?
There's a 30 minute timeout on the following service:
There's a 1 hour timeout on
The current timeout can result in user being timed out 121 seconds after being active (e.g. a key press). This is barely enough to answer the door, make a cup of tea, or have a call of nature. Has anyone developed a timeout (perhaps client-based) that measures user activity (key presses, mouse moves)?
@terrysimpson99 we have not. We show the timeout popup after 30 minutes. When we send someone off to verify we extend this to 60 minutes which allows almost all our users to try a couple of providers and hopefully get through.
@mikeash82 Is this issue a duplicate of https://github.com/alphagov/govuk-design-system-backlog/issues/104 and https://github.com/alphagov/govuk-design-system-backlog/issues/103?
Closing this as duplicate of https://github.com/alphagov/govuk-design-system-backlog/issues/104. Comments have been moved over to that issue.
@gavinwye commented on 31 Jan 2017
Originally discussed on HMRC internal Slack by @adamfenwick in collaboration with @roblav
@roblav commented on 9 Feb 2017
Feedback from Repayments project DAC report:
Page refresh
WCAG 2.0 References: Provide users with disabilities enough time to read and use content.
WCAG 2.0 reference 2.2 - Enough time https://www.w3.org/TR/WCAG20/#time-limits
Pages that are refreshed periodically can cause access problems for people with disabilities. Some with disabilities simply need more time to finish reading a page or completing a form. Refreshing the page before the user has finished using it can be a very frustrating experience; particularly if the session is reset and any interaction with the page, such as a partially completed form is lost.
Although we appreciate that session time-outs are important for security, these must not prohibit disabled users from using the website.
Result = Fail
A time-out was present that resulted in users being logged out after a certain time of inactivity. As it may take some users longer than others to complete tasks online, it is important that a warning is presented to inform of this functionality and where possible the option to extend this time.
High priority A
Technical Comment: Time-out without warning
Issue ID: DAC_TECH_Refresh_Issue1
Screen Shot:
There is a time-out feature present on the service that does not warn users that this is the case. This can prove disorienting for users; a warning must be provided and where possible the option to delay the time out.
Issue ID: DAC-USER-SRTB-T1-02
1) What type of issue did you experience? Time out function without warning for blind users.
2) Where was the issue? Please give the URL. Identified on the ‘happy path’ section (journey 1.)
Screen shot 2 showing time out message:
3) Describe the issue in detail and where it occurred on the page While attempting to enter account details, I found that blind Talkback users will be logged out without warning if no activity has been detected.
4) How did you work around this issue? There is currently no work around for this issue.
Solution
For each time limit that is set by the content, at least one of the following is true:
Turn off: The user is allowed to turn off the time limit before encountering it; or Adjust: The user is allowed to adjust the time limit before encountering it over a wide range that is at least ten times the length of the default setting; or Extend: The user is warned before time expires and given at least 20 seconds to extend the time limit with a simple action (for example, "press the space bar"), and the user is allowed to extend the time limit at least ten times; or Real-time Exception: The time limit is a required part of a real-time event (for example, an auction), and no alternative to the time limit is possible; or Essential Exception: The time limit is essential and extending it would invalidate the activity; or 20 Hour Exception: The time limit is longer than 20 hours.
@roblav commented on 9 Feb 2017
Here's the pattern that was created by Jen Rahman and Billy Adamson.
We followed the guidance of Chris Moore, our very own Accessibility champion, about the implementation using a modal box, implementing our solution using the criteria that follows.
Make sure the modal dialog box is accessible
Online references
@feedmypixel commented on 9 Feb 2017
@roblav thanks for the contribution. Some comments we had in slack that are worth exposing in this issue:
IMO what is needed from session timeout:
Thoughts:
To start with I'd ask what is the user need? and how can we address this in a progressive and accessible way?
A good read around modals
https://developer.appway.com/screen/ShowSingleRecipe/selectedRecipeId/1390246496349
@adamliptrot-oc commented on 9 Feb 2017
Whilst inline alerts described by the linked article are generally preferable to dialogs, the difference between this and the examples cited is that those examples are the result of direct user interaction triggering the dialog and user focus is on the particular part of the screen where the alert will be inlined. Here we are talking about something which is not a result of user interaction and needs to be brought front-and-centre for the user. For example, in the case of a user employing a screen magnifier, what would the solution be for an inline alert given the user might be quite literally focussed on a different part of the page?
In addition, the examples don’t have any major consequences if the user does not interact with the dialog, whereas in the case of the timeout they can be signed out.
What we don't want is for this dialog pattern to be taken as a reason to introduce more dialogs where inlined alerts would be preferable. So if progressed I think we'd need a set of preferred patterns developing to cover other instances where people might think to employ a dialog (such as those in the linked article).
@adamliptrot-oc commented on 9 Feb 2017
I think the 20-hour exemption quoted in https://www.w3.org/TR/WCAG20/#time-limits feels a little arbitrary. We’re currently running with an extended session timeout of 30 mins on our service and will be gathering data about how this additional time assists all users by preventing unwanted session ends.
@roblav commented on 9 Feb 2017
In response to your the above comments:
The content provided in the modal has been supplied by the content/design team, and has been approved by Chris Moore. It explains that it is for the users security that they will be signed out.
This isn't an issue as they are still on the page, at the same point in the service.
This happens already as required by the criteria given in Make sure the modal dialog box is accessible - on close, keyboard focus must be returned to the original point on the page
@feedmypixel commented on 9 Feb 2017
@roblav thanks. My thoughts were about providing these needs without a modal. Then potentially there may be no need for one. The question for me is what is the original pain point for users and how we can mitigate against those, that was what my thoughts were around. Also if these things can be solved without
JavaScript
it makes it all the bit more resilient.@timsb commented on 23 Feb 2017
Hi all, I found this this morning and thought it might be helpful - http://blog.barrierbreak.com/2017/02/14/modal-dialogs-and-accessibility-a-tricky-minefield/ It has some useful points on creating accessible modal windows but I must admit that the mailing list I got this from had the sub-heading 'Of course, the simplest solution is to stop using them'.
@david-mcdowell commented on 22 Mar 2017
Hi, I've recently created some new timeout screens for lost creds and 2SV registration.
Lost creds - the user will see this error during a lost credentials flow. I think the inactivity is set to 7 minutes
2SV - this one is displayed when access code text (or call back) takes too long to arrive
@david-mcdowell commented on 22 Mar 2017
We also use this one in the IV journey, usually appears if the user takes too long to find evidence options. e.g. they've gone to find a payslip to prove their identity and it takes too long.
@david-mcdowell commented on 22 Mar 2017
this one also got sent round the design team and I thought it was useful to inform my thinking.
@alex16wake commented on 25 Jul 2017
On SCRS we have a modal window that someone else has mentioned and we used this because it has been approved for accessibility and tested well with users when we did some scenario testing. Example below
@stevenaproctor commented on 26 Jul 2017
I think we need to look at the content of all these suggestions. There is a lot of jargon that could be made simpler. Things like timeout, inactivity, session are web jargon.
For a modal, screen readers must announce the title and set focus to the link or button at the same time. Not all content may be read out.
Something like: