From 88708ef191c606590a87447365970d3f8fa48c37 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:26:42 +0100
Subject: [PATCH 01/19] Replace strong paragraph with actual heading markup

---
 understanding/20/timing-adjustable.html | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index cf437542a3..e17c4915f9 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -51,11 +51,7 @@ <h2>Intent of Timing Adjustable</h2>
       
       <p>Content that operates on a timer does not need to be time adjustable if there is an alternative that does not rely on a timer. For example, a web application such as an email client provides notification of new email arriving with a temporary message (such as a 'toast' message) in the lower right-hand side of the interface, and the message disappears after 5 seconds. Users are able to identify the arrival of email through other means, such as viewing the Inbox, so the disappearance of the message does not set a time limit on the their ability to determine if new mail has arrived. If the user has no other means of discovering the same information (or performing the same function), then each message would need to meet this success criterion in order to provide users with sufficient time to access the information.</p>
 
-      <p>
-         						   
-         <strong>Notes regarding server time limits</strong>
-         					
-      </p>
+      <h3>Notes regarding server time limits</h3>
       
       <ul>
          

From e03f966c6e475ee5fd18eec78c47654be8d3fe6f Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:36:22 +0100
Subject: [PATCH 02/19] Remove excessive whitespace

---
 understanding/20/timing-adjustable.html | 186 ++++++------------------
 1 file changed, 43 insertions(+), 143 deletions(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index e17c4915f9..8dfb231a52 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
 <head>
-   <meta charset="UTF-8"></meta>
+   <meta charset="UTF-8"/>
    <title>Understanding Timing Adjustable</title>
    <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
 </head>
 <body>
    <h1>Understanding Timing Adjustable</h1>
-   
+
    <section id="brief">
 		<h2>In brief</h2>
 		<dl>
@@ -17,11 +17,10 @@ <h2>In brief</h2>
       </dl>
 
    </section>
-   
+
    <section id="intent">
       <h2>Intent of Timing Adjustable</h2>
-      
-      
+
       <p>The intent of this success criterion is to ensure that users with disabilities are
          given adequate time to interact with web content whenever possible. People with disabilities
          such as blindness, low vision, dexterity impairments, and cognitive limitations may
@@ -34,33 +33,30 @@ <h2>Intent of Timing Adjustable</h2>
          limit occurs helps those users who require more time than expected to successfully
          complete tasks. These options are listed in the order that will be most helpful for
          the user. Disabling time limits is better than customizing the length of time limits,
-         which is better than requesting more time before a time limit occurs. 
+         which is better than requesting more time before a time limit occurs.
       </p>
-      
+
       <p>Any process that happens without user initiation after a set time or on a periodic
          basis is a time limit. This includes partial or full updates of content (for example,
          page refresh), changes to content, or the expiration of a window of opportunity for
-         a user to react to a request for input. 
+         a user to react to a request for input.
       </p>
-      
+
       <p>It also includes content that is advancing or updating at a rate beyond the user's ability to read and/or understand it. In other words, animated, moving or scrolling content introduces a time limit on a users ability to read content.</p>
 
       <p>This success criterion is generally not applicable when the content repeats or is synchronized with other content, so long as the information and data is adjustable or otherwise under the control of the end user.  Examples of time limits for which this success criterion is not applicable include scrolling text that repeats, captioning, and <a href="https://www.w3.org/WAI/tutorials/carousels/">carousels</a>.  These are situations which do include time limits, but the content is still available to the user because it has controls for accessing it, as specified in <a href="../../guidelines/sc/20/pause-stop-hide.html">2.2.2 Pause, Stop, Hide</a>.</p>
 
       <p>In some cases, however, it is not possible to change the time limit (for example, for an auction or other real-time event) and exceptions are therefore provided for those cases.</p>
-      
+
       <p>Content that operates on a timer does not need to be time adjustable if there is an alternative that does not rely on a timer. For example, a web application such as an email client provides notification of new email arriving with a temporary message (such as a 'toast' message) in the lower right-hand side of the interface, and the message disappears after 5 seconds. Users are able to identify the arrival of email through other means, such as viewing the Inbox, so the disappearance of the message does not set a time limit on the their ability to determine if new mail has arrived. If the user has no other means of discovering the same information (or performing the same function), then each message would need to meet this success criterion in order to provide users with sufficient time to access the information.</p>
 
       <h3>Notes regarding server time limits</h3>
-      
+
       <ul>
-         
          <li>Timed server redirects can be found below under Common Failures.</li>
-         
          <li>Non-timed server redirects (e.g., 3xx response codes) are not applicable because there
             is no time limit: they work instantly.
          </li>
-         
          <li>This success criterion applies only to time limits that are set by the content itself.
             For example, if a time limit is included in order to address security concerns, it
             would be considered to have been set by the content because it  is designed to be
@@ -68,19 +64,16 @@ <h3>Notes regarding server time limits</h3>
             set externally to content, such as by the user agent or by factors intrinsic to the
             Internet are not under the author's control and not subject to WCAG conformance requirements.
             Time limits set by web servers should be under the author's/organization's control
-            and are covered. (Success Criteria 
-            <a href="no-timing" class="guideline">2.2.3</a>, 
-            <a href="interruptions" class="guideline">2.2.4</a> and 
+            and are covered. (Success Criteria
+            <a href="no-timing" class="guideline">2.2.3</a>,
+            <a href="interruptions" class="guideline">2.2.4</a> and
             <a href="re-authenticating" class="guideline">2.2.5</a> may also apply.)
          </li>
-         
          <li>Ten times the default was chosen based on clinical experience and other guidelines.
             For example, if 15 seconds is allowed for a user to respond and hit a switch, 150
             seconds would be sufficient to allow almost all users to hit a switch even if they
             had trouble.
-            
          </li>
-         
          <li>20 seconds was also based on clinical experience and other guidelines. 20 seconds
             to hit 'any switch' is sufficient for almost all users including those with spasticity.
             Some would fail, but some would fail all lengths of time. A reasonable period for
@@ -96,33 +89,21 @@ <h3>Notes regarding server time limits</h3>
             key," 20 seconds would meet this. If the person indicates that they are still present,
             the device should return the user to the exact condition that existed before it asked
             the question.
-            
-         </li>
-         
-         <li>20 hours was chosen as an upper limit because it is longer than a full waking day.
-            
          </li>
-         
+         <li>20 hours was chosen as an upper limit because it is longer than a full waking day.</li>
       </ul>
-      
+
       <p>In cases where timing is not an intrinsic requirement but giving users control over
          timed events would invalidate the outcome, a third party can control the time limits
-         for the user (for example, granting double time on a test). 
-         
-      </p>
-      
-      <p>See also 
-         <a href="no-timing">2.2.3: No Timing</a>.
-      </p>
-      
-      
+         for the user (for example, granting double time on a test).</p>
+
+      <p>See also <a href="no-timing">2.2.3: No Timing</a>.</p>
+
    </section>
    <section id="benefits">
       <h2>Benefits of Timing Adjustable</h2>
-      
-      
+
       <ul>
-         
          <li>People with physical disabilities often need more time to react, to type and to complete
             activities.  People with low vision need more time to locate things on screen and
             to read.   People who are blind and using screen readers may need more time to understand
@@ -131,52 +112,40 @@ <h2>Benefits of Timing Adjustable</h2>
             deaf and communicate in sign language may need more time to read information printed
             in text (which may be a second language for some).
          </li>
-         
          <li>In circumstances where a sign-language interpreter may be relating audio content to
             a user who is deaf, control over time limits is also important.
          </li>
-         
          <li>People with reading disabilities, cognitive limitations, and learning disabilities
             who may need more time to read or comprehend information can have additional time
             to read the information by pausing the content.
          </li>
-         
       </ul>
-      
    </section>
-   
+
    <section id="examples">
       <h2>Examples of Timing Adjustable</h2>
-      
-      
+
       <ul>
-         
          <li>A website uses a client side time limit to help protect users who may step away from
             their computer.   After a period of inactivity the web page asks if the user needs
-            more time.  If it doesn't get a response – it times out. 
+            more time.  If it doesn't get a response – it times out.
          </li>
-         
          <li>A web page has a field that automatically updates with the latest headlines in a rotating
             fashion. There is an interactive control that allows the user to extend the length
             of time between each update to as much as ten times the default. The control can be
-            operated with either a mouse or a keyboard. 
-            
+            operated with either a mouse or a keyboard.
          </li>
-         
          <li>A web page includes an animation which includes text that appears and disappears throughout.
             In some cases, the text is scrolling across the screen and in others, it is only displayed
             for a short time before it fades into the background. The page includes a pause button
             so that users who have trouble reading the text before it disappears can read it.
          </li>
-         
          <li>In an auction, there is a time limit on the amount of time a user has to submit a
             bid. Since the time limit applies to all users who want to bid on a particular item,
             it would be unfair to extend the time limit for any one particular user. Therefore,
             a time limit is required for this type of activity and no extension, adjustment, or
             deactivation of the time limit is required by this success criterion.
-            
          </li>
-         
          <li>An on-line ticket-purchasing site gives the user two minutes to confirm a purchase
             before the seats are returned to the general pool. Because tickets on such sites can
             sell out quickly, holding a ticket longer than that may invalidate the nature of the
@@ -184,174 +153,105 @@ <h2>Examples of Timing Adjustable</h2>
             invalidating the activity. However, the site does move as much of the process out
             of the time-critical period as possible, for instance allowing users to provide necessary
             information like name, payment method, etc., before entering the time-critical stage.
-            
          </li>
-         
          <li>A ticket-purchasing site allows the user two minutes to confirm purchase of selected
             seats, but warns the user when their time is almost out and allows the user to extend
             this time limit some number of times with a simple action such as clicking a "Extend
             time limit" button.
-            
          </li>
-         
       </ul>
-      
+
    </section>
-   
+
    <section id="resources">
       <h2>Resources for Timing Adjustable</h2>
-      
-      
    </section>
-   
+
    <section id="techniques">
       <h2>Techniques for Timing Adjustable</h2>
-      
-      
+
       <section id="sufficient">
          <h3>Sufficient Techniques for Timing Adjustable</h3>
-         
-         
+
          <section class="situation" id="timing-adjustable-situation-0">
-            
             <h4>Situation A: If there are session time limits:</h4>
-            
+
             <ul>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G133" class="general">Providing a checkbox on the first page of a multipart form that allows users to ask
                      for longer session time limit or no session time limit
-                     
                   </a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G198" class="general">Providing a way for the user to turn the time limit off</a>
-                  									         
                </li>
-               
             </ul>
-            
+
          </section>
-         
+
          <section class="situation" id="timing-adjustable-situation-1">
-            
             <h4>Situation B: If a time limit is controlled by a script on the page:</h4>
-            
+
             <ul>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G198" class="general">Providing a way for the user to turn the time limit off</a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G180" class="general">Providing the user with a means to set the time limit to 10 times the default time
                      limit
                   </a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/client-side-script/SCR16" class="script">Providing a script that warns the user a time limit is about to expire</a>
-                  										           
                   <strong>AND</strong>
-                  										           
-                  <a href="../Techniques/client-side-script/SCR1" class="script">Allowing the user to extend the default time limit
-                     
-                  </a>
-                  									         
+                  <a href="../Techniques/client-side-script/SCR1" class="script">Allowing the user to extend the default time limit</a>
                </li>
-               
             </ul>
-            
+
          </section>
-         
+
          <section class="situation" id="timing-adjustable-situation-2">
-            
             <h4>Situation C: If there are time limits on reading:</h4>
-            
+
             <ul>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G4" class="general">G4: Allowing the content to be paused and restarted from where it was paused</a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/general/G198" class="general">Providing a way for the user to turn the time limit off</a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/client-side-script/SCR33" class="script">Using script to scroll content, and providing a mechanism to pause it</a>
-                  									         
                </li>
-               
                <li>
-                  										           
                   <a href="../Techniques/client-side-script/SCR36" class="script">Providing a mechanism to allow user to display moving, scrolling, or repeating text
                      in a static window
                   </a>
-                  									         
                </li>
-               
             </ul>
-            
          </section>
-         
       </section>
-      
+
       <section id="advisory">
          <h3>Additional Techniques (Advisory) for Timing Adjustable</h3>
-         
       </section>
-      
+
       <section id="failure">
          <h3>Failures for Timing Adjustable</h3>
-         
-         
+
          <ul>
-            
             <li>
-               									         
-               <a href="../Techniques/failures/F40" class="failure">Failure due to using meta redirect with a time limit
-                  
-               </a>
-               								       
+               <a href="../Techniques/failures/F40" class="failure">Failure due to using meta redirect with a time limit</a>
             </li>
-            
             <li>
-               									         
-               <a href="../Techniques/failures/F41" class="failure">Failure due to using meta refresh with a time limit
-                  
-               </a>
-               								       
+               <a href="../Techniques/failures/F41" class="failure">Failure due to using meta refresh with a time limit</a>
             </li>
-            
             <li>
-               									         
                <a href="../Techniques/failures/F58" class="failure">Failure due to using server-side techniques to automatically redirect pages after
-                  a time limit
-                  
-               </a>
-               								       
+                  a time limit</a>
             </li>
-            
          </ul>
-         
       </section>
-      
    </section>
-   
 </body>
 </html>

From 21d23f06dd94764638501f2df8397285c0277332 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:36:59 +0100
Subject: [PATCH 03/19] Add SC names to links

---
 understanding/20/timing-adjustable.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index 8dfb231a52..d4fa9d75a0 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -65,9 +65,9 @@ <h3>Notes regarding server time limits</h3>
             Internet are not under the author's control and not subject to WCAG conformance requirements.
             Time limits set by web servers should be under the author's/organization's control
             and are covered. (Success Criteria
-            <a href="no-timing" class="guideline">2.2.3</a>,
-            <a href="interruptions" class="guideline">2.2.4</a> and
-            <a href="re-authenticating" class="guideline">2.2.5</a> may also apply.)
+            <a href="no-timing" class="guideline">2.2.3 No Timing</a>,
+            <a href="interruptions" class="guideline">2.2.4 Interruptions</a> and
+            <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.)
          </li>
          <li>Ten times the default was chosen based on clinical experience and other guidelines.
             For example, if 15 seconds is allowed for a user to respond and hit a switch, 150

From cd523ada01476a22f12e01781a7c2096b8de0876 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:39:44 +0100
Subject: [PATCH 04/19] Replace "spasticity"

while medically correct, this looks ... out of place
---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index d4fa9d75a0..12023dee34 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -75,7 +75,7 @@ <h3>Notes regarding server time limits</h3>
             had trouble.
          </li>
          <li>20 seconds was also based on clinical experience and other guidelines. 20 seconds
-            to hit 'any switch' is sufficient for almost all users including those with spasticity.
+            to hit 'any switch' is sufficient for almost all users including those with reduced motion.
             Some would fail, but some would fail all lengths of time. A reasonable period for
             requesting more time is required since an arbitrarily long time can provide security
             risks to all users, including those with disabilities, for some applications. For

From b0d94299ebae6f995a75fe9f344683ee8b7a4d2c Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:45:04 +0100
Subject: [PATCH 05/19] No need for parentheses

---
 understanding/20/timing-adjustable.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index 12023dee34..1a5c57829e 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -64,10 +64,10 @@ <h3>Notes regarding server time limits</h3>
             set externally to content, such as by the user agent or by factors intrinsic to the
             Internet are not under the author's control and not subject to WCAG conformance requirements.
             Time limits set by web servers should be under the author's/organization's control
-            and are covered. (Success Criteria
+            and are covered. Success Criteria
             <a href="no-timing" class="guideline">2.2.3 No Timing</a>,
             <a href="interruptions" class="guideline">2.2.4 Interruptions</a> and
-            <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.)
+            <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.
          </li>
          <li>Ten times the default was chosen based on clinical experience and other guidelines.
             For example, if 15 seconds is allowed for a user to respond and hit a switch, 150

From 7ef6fe40653f2fa218660f78bb8eef5495e205f3 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:45:44 +0100
Subject: [PATCH 06/19] The notes aren't just about "server" time limits -
 generalise heading

---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index 1a5c57829e..af3031ea2b 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -50,7 +50,7 @@ <h2>Intent of Timing Adjustable</h2>
 
       <p>Content that operates on a timer does not need to be time adjustable if there is an alternative that does not rely on a timer. For example, a web application such as an email client provides notification of new email arriving with a temporary message (such as a 'toast' message) in the lower right-hand side of the interface, and the message disappears after 5 seconds. Users are able to identify the arrival of email through other means, such as viewing the Inbox, so the disappearance of the message does not set a time limit on the their ability to determine if new mail has arrived. If the user has no other means of discovering the same information (or performing the same function), then each message would need to meet this success criterion in order to provide users with sufficient time to access the information.</p>
 
-      <h3>Notes regarding server time limits</h3>
+      <h3>Notes regarding time limits</h3>
 
       <ul>
          <li>Timed server redirects can be found below under Common Failures.</li>

From e7def26f7647e530f792afeaa8e75534fc38f74d Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:49:21 +0100
Subject: [PATCH 07/19] Add note about exemption for security

---
 understanding/20/timing-adjustable.html | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index af3031ea2b..e3051e1925 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -69,6 +69,12 @@ <h3>Notes regarding time limits</h3>
             <a href="interruptions" class="guideline">2.2.4 Interruptions</a> and
             <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.
          </li>
+         <li>Certain time limits implemented for security reasons, such as time-based / time-limited
+            two-factor authentication tokens, can be considered <em>essential</em>, and are
+            exempt from this criterion. However, other criteria may apply, such as
+            <a href="redundant-entry">3.3.7 Redundant Entry</a>,
+            <a href="accessible-authentication-minimum">3.3.8 Accessible Authentication (Minimum)</a>, and
+            <a href="accessible-authentication-enhanced">3.3.9 Accessible Authentication (Enhanced)</a> may also apply.</li>
          <li>Ten times the default was chosen based on clinical experience and other guidelines.
             For example, if 15 seconds is allowed for a user to respond and hit a switch, 150
             seconds would be sufficient to allow almost all users to hit a switch even if they

From 11a06e73479e598ac618fdd94f0664f746fe83ff Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 13:59:15 +0100
Subject: [PATCH 08/19] Remove excessive whitespace

---
 understanding/20/re-authenticating.html | 84 ++++++-------------------
 1 file changed, 20 insertions(+), 64 deletions(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index 9684801e88..dca86689bc 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -1,73 +1,62 @@
 <!DOCTYPE html>
 <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
 <head>
-   <meta charset="UTF-8"></meta>
+   <meta charset="UTF-8"/>
    <title>Understanding Re-authenticating</title>
    <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
 </head>
 <body>
    <h1>Understanding Re-authenticating</h1>
-   
+
    <section id="brief">
       <h2>In brief</h2>
       <dl>
          <dt>Goal</dt><dd>Users do not lose information or context due to reauthentication.</dd>
          <dt>What to do</dt><dd>Preserve users' prior activity and data through reauthentication.</dd>
-         <dt>Why it's important</dt><dd>Some people may require additional time to complete an activity.</dd> 
+         <dt>Why it's important</dt><dd>Some people may require additional time to complete an activity.</dd>
       </dl>
 
    </section>
-   
+
    <section id="intent">
       <h2>Intent of Re-authenticating</h2>
-      
-      
+
       <p>The intent of this success criterion is to allow all users to complete authenticated
          transactions that have inactivity time limits or other circumstances that would cause
          a user to be logged out while in the midst of completing the transaction.
       </p>
-      
       <p>For security reasons, many sites implement an authentication time limit after a certain
          period of inactivity. These time limits may cause problems for persons with disabilities
-         because it may take longer for them to complete the activity. 
+         because it may take longer for them to complete the activity.
       </p>
-      
       <p>Other sites will log a person out of a session if a person logs in on the website
          from another computer or if other activities arise that make the site suspicious of
          whether the person is still the same legitimate person who logged in originally. When
          users are logged out while still in the midst of a transaction - it is important that
          they be given the ability to re-authenticate and continue with the transaction without
          the loss of any data already entered.
-         
       </p>
-      
-      
    </section>
    <section id="benefits">
       <h2>Benefits of Re-authenticating</h2>
-      
-      
+
       <ul>
-         
          <li>This success criterion benefits people who may require additional time to complete
             an activity. People with cognitive limitations may read slowly and require additional
             time to read and respond to a questionnaire. Users interacting via a screen reader
-            may need extra time to navigate and complete a complicated form. 
+            may need extra time to navigate and complete a complicated form.
             A person with motor impairments or who navigates with an alternative input device
             may require additional time to navigate through or complete input within a form.
          </li>
-         
          <li>In circumstances where a sign-language interpreter may be relating audio content to
             a user who is deaf, control over time limits is also important.
          </li>
-         
       </ul>
-      
    </section>
-   
+
    <section id="examples">
       <h2>Examples of Re-authenticating</h2>
-      
+
       <dl>
          <dt>A shopping site checkout</dt>
          <dd>A user with extremely limited use of the hands is logged into a shopping site. It
@@ -92,87 +81,54 @@ <h2>Examples of Re-authenticating</h2>
                that are relied upon, the user can elect to be alerted via a pop-up if the session
                is close to timing out.</dd>
       </dl>
-      
    </section>
-   
+
    <section id="resources">
       <h2>Resources for Re-authenticating</h2>
-      
-      
    </section>
-   
+
    <section id="techniques">
       <h2>Techniques for Re-authenticating</h2>
-      
-      
+
       <section id="sufficient">
          <h3>Sufficient Techniques for Re-authenticating</h3>
-         
-         
+
          <ul>
-            
             <li>
-               
-               <p>
-                  Providing options to continue without loss of data using one of the following techniques:
-               </p>
-               
+               <p>Providing options to continue without loss of data using one of the following techniques:</p>
                <ul>
-                  
                   <li>
-                     											             
                      <a href="../Techniques/general/G105" class="general">Saving data so that it can be used after a user re-authenticates</a>
-                     										           
                   </li>
-                  
                   <li>
-                     											             
                      <a href="../Techniques/general/G181" class="general">Encoding user data as hidden data in re-authorization page</a>
-                     										           
                   </li>
-                  
                </ul>
-               
             </li>
-            
          </ul>
-         
+
          <div class="note">
-            
-            <p>Refer to 
+            <p>Refer to
                <a href="timing-adjustable#techniques" class="understanding">Techniques for Addressing Success Criterion 2.2.1</a> for techniques related to providing notifications about time limits.
-               
             </p>
-            
          </div>
-         
       </section>
-      
+
       <section id="advisory">
          <h3>Additional Techniques (Advisory) for Re-authenticating</h3>
-         
-         
       </section>
-      
+
       <section id="failure">
          <h3>Failures for Re-authenticating</h3>
-         
-         
+
          <ul>
-            
             <li>
-               									         
                <a href="../Techniques/failures/F12" class="failure">Failure due to having a session time limit without a mechanism for saving user's input
                   and re-establishing that information upon re-authentication
                </a>
-               								       
             </li>
-            
          </ul>
-         
       </section>
-      
    </section>
-   
 </body>
 </html>

From ef0b25e4e4184d0dd27ba7fd2d62961ff3fd354d Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 14:14:45 +0100
Subject: [PATCH 09/19] Modify reauthentication examples

The examples violate timing adjustable
---
 understanding/20/re-authenticating.html | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index dca86689bc..059afc07d8 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -59,10 +59,11 @@ <h2>Examples of Re-authenticating</h2>
 
       <dl>
          <dt>A shopping site checkout</dt>
-         <dd>A user with extremely limited use of the hands is logged into a shopping site. It
-               takes so long to enter credit card information into the application that a time limit
-               occurs while the user is performing the checkout process. When the user returns to
-               the checkout process and submits the form, the site returns a login screen to re-authenticate.
+         <dd>A user is logged into a shopping site. While in the middle of the checkout process, the user
+               is interrupted and has to leave their computer. While they are away, the site prompts the user
+               that the process is about to time out, and offers the ability to extend the timeout – but with
+               the user away, the timeout is not extended and the user is logged out. When the user returns to
+               the computer, they have to re-authenticate.
                After the user logs in, the check out process is restored with the same information
                and at the same stage. The user did not lose any data because the server had temporarily
                accepted and stored the submission even though the session had timed out and restored
@@ -74,7 +75,7 @@ <h2>Examples of Re-authenticating</h2>
                remains intact and, after re-authentication, the user may send that data.</dd>
          <dt>A questionnaire with a time limit</dt>
          <dd>A long questionnaire provided within a single web page has information at the beginning
-               that indicates that the session will time out after 15 minutes. The user is also informed
+               that indicates that the session will time out after 20 hours. The user is also informed
                that the questionnaire can be saved at any point and completed at a later time. Within
                the web page there are several buttons provided to save the partially completed form.
                In addition, with JavaScript in the list of accessibility-supported content technologies

From 3db7701fa46f9de23f3d0cd877a885b34c9bdc5c Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 14:24:15 +0100
Subject: [PATCH 10/19] Add note/cross reference from re-authentication to
 timing adjustable

---
 understanding/20/re-authenticating.html | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index 059afc07d8..496ba12e80 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -36,7 +36,12 @@ <h2>Intent of Re-authenticating</h2>
          they be given the ability to re-authenticate and continue with the transaction without
          the loss of any data already entered.
       </p>
+      <p class="note">Sites that implement session time limits and re-authentication requests are
+         still subject to the requirements of other criteria, such as
+         <a href="timing-adjustable">2.2.1 Timing Adjustable</a>.
+      </p>
    </section>
+
    <section id="benefits">
       <h2>Benefits of Re-authenticating</h2>
 

From 452056d00019efc12a4d51cef40c9673f8b75400 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Mon, 5 May 2025 17:10:58 +0100
Subject: [PATCH 11/19] Update understanding/20/timing-adjustable.html

---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index e3051e1925..80f334245e 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -70,7 +70,7 @@ <h3>Notes regarding time limits</h3>
             <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.
          </li>
          <li>Certain time limits implemented for security reasons, such as time-based / time-limited
-            two-factor authentication tokens, can be considered <em>essential</em>, and are
+            two-factor authentication tokens, can be considered <em>essential</em>, and may be
             exempt from this criterion. However, other criteria may apply, such as
             <a href="redundant-entry">3.3.7 Redundant Entry</a>,
             <a href="accessible-authentication-minimum">3.3.8 Accessible Authentication (Minimum)</a>, and

From 35e9b3bf496299ff1423224f82b87690077c8a84 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:49:04 +0100
Subject: [PATCH 12/19] Update understanding/20/re-authenticating.html

---
 understanding/20/re-authenticating.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index 496ba12e80..bd3ead32db 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
 <head>
-   <meta charset="UTF-8"/>
+   <meta charset="UTF-8">
    <title>Understanding Re-authenticating</title>
    <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
 </head>

From fa9f2b776e5a776e2c82d828d2130265905224fe Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:49:22 +0100
Subject: [PATCH 13/19] Update understanding/20/re-authenticating.html

---
 understanding/20/re-authenticating.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index bd3ead32db..60874eb713 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
+<html lang="en">
 <head>
    <meta charset="UTF-8">
    <title>Understanding Re-authenticating</title>

From 01695c358f101982b41fa8d6c2c4c185bf68ec88 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:49:38 +0100
Subject: [PATCH 14/19] Update understanding/20/re-authenticating.html

---
 understanding/20/re-authenticating.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index 60874eb713..b22d0489bc 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -3,7 +3,7 @@
 <head>
    <meta charset="UTF-8">
    <title>Understanding Re-authenticating</title>
-   <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
+   <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove">
 </head>
 <body>
    <h1>Understanding Re-authenticating</h1>

From a3148a523d8a934716a4a9f4aadae2c1c8956f20 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:51:57 +0100
Subject: [PATCH 15/19] Update understanding/20/timing-adjustable.html

---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index 80f334245e..c5e2faf202 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
 <head>
-   <meta charset="UTF-8"/>
+   <meta charset="UTF-8">
    <title>Understanding Timing Adjustable</title>
    <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
 </head>

From 9f679d06bbe58580478598a82c2cb3eb45080755 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:52:32 +0100
Subject: [PATCH 16/19] Update understanding/20/timing-adjustable.html

---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index c5e2faf202..e6101b7168 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
+<html lang="en">
 <head>
    <meta charset="UTF-8">
    <title>Understanding Timing Adjustable</title>

From 38322bba65ee19acfed979c1149b48df494d8fe7 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Fri, 27 Jun 2025 13:52:47 +0100
Subject: [PATCH 17/19] Update understanding/20/timing-adjustable.html

---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index e6101b7168..55c44d26e8 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -3,7 +3,7 @@
 <head>
    <meta charset="UTF-8">
    <title>Understanding Timing Adjustable</title>
-   <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove"/>
+   <link rel="stylesheet" type="text/css" href="../../css/sources.css" class="remove">
 </head>
 <body>
    <h1>Understanding Timing Adjustable</h1>

From 6d1ba211326ade20762a7620179829bc3ab0bfee Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Sat, 6 Sep 2025 00:05:44 +0100
Subject: [PATCH 18/19] Update understanding/20/timing-adjustable.html

Co-authored-by: Dan Bjorge <dan@dbjorge.net>
---
 understanding/20/timing-adjustable.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/understanding/20/timing-adjustable.html b/understanding/20/timing-adjustable.html
index e72696d5f2..cf07e8a856 100644
--- a/understanding/20/timing-adjustable.html
+++ b/understanding/20/timing-adjustable.html
@@ -66,7 +66,7 @@ <h3>Notes regarding time limits</h3>
             Time limits set by web servers should be under the author's/organization's control
             and are covered. Success Criteria
             <a href="no-timing" class="guideline">2.2.3 No Timing</a>,
-            <a href="interruptions" class="guideline">2.2.4 Interruptions</a> and
+            <a href="interruptions" class="guideline">2.2.4 Interruptions</a>, and
             <a href="re-authenticating" class="guideline">2.2.5 Re-Authentication</a> may also apply.
          </li>
          <li>Certain time limits implemented for security reasons, such as time-based / time-limited

From c91e0a29b2059359b38406fea3ab63351ef06c29 Mon Sep 17 00:00:00 2001
From: "Patrick H. Lauke" <redux@splintered.co.uk>
Date: Sat, 6 Sep 2025 00:11:39 +0100
Subject: [PATCH 19/19] Remove quiz example from re-authenticating
 understanding

---
 understanding/20/re-authenticating.html | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/understanding/20/re-authenticating.html b/understanding/20/re-authenticating.html
index b22d0489bc..9c3de71c15 100644
--- a/understanding/20/re-authenticating.html
+++ b/understanding/20/re-authenticating.html
@@ -78,14 +78,6 @@ <h2>Examples of Re-authenticating</h2>
                the user several minutes before the time-out occurs and provides a link to open a
                new window in order to re-authenticate. The original window with the in-progress email
                remains intact and, after re-authentication, the user may send that data.</dd>
-         <dt>A questionnaire with a time limit</dt>
-         <dd>A long questionnaire provided within a single web page has information at the beginning
-               that indicates that the session will time out after 20 hours. The user is also informed
-               that the questionnaire can be saved at any point and completed at a later time. Within
-               the web page there are several buttons provided to save the partially completed form.
-               In addition, with JavaScript in the list of accessibility-supported content technologies
-               that are relied upon, the user can elect to be alerted via a pop-up if the session
-               is close to timing out.</dd>
       </dl>
    </section>