WCAG 2.2.5: Re-authenticating

Level AAA

Quick answer: When sessions expire, users should be able to continue the task after re-authenticating without losing what they already entered.

What This Means

On ecommerce sites, Re-authenticating usually shows up in repeating storefront components such as product cards, PDP media, search results, cart drawers, checkout forms, and support content. If the live experience depends on patterns like b2b checkout logs users out and empties the cart. or account profile edits disappear after a timeout-based re-login., disabled shoppers can lose context or get blocked before purchase.

This criterion matters because D2C teams often fix the homepage but miss reusable app blocks, campaign pages, and mobile-specific UI. The practical standard is simple: build the same outcome for keyboard users, screen-reader users, low-vision users, and anyone relying on captions, labels, structure, or predictable behavior.

For Shopify, WooCommerce, and custom storefronts, the fastest remediation path is usually template-level work. Fix the repeated component once, then retest every place it appears across browse, buy, and post-purchase journeys.

Common Violations on Ecommerce Sites

B2B checkout logs users out and empties the cart.
Account profile edits disappear after a timeout-based re-login.
Returns portals lose uploaded images when re-authentication is required.
Wholesale ordering carts clear after a session renewal.

How to Fix It

Start with the live customer journey, not isolated components in Storybook or Figma. Audit the problem on category pages, product detail pages, quick views, cart, checkout, account, and help templates.

Persist form data, cart state, and uploads across re-authentication flows.
Return users to the same step after sign-in rather than the homepage.
Save draft data server-side for long workflows.
Warn users before timeout so they can extend the session or save progress.

On Shopify, fix the theme section or app block that repeats the defect. On WooCommerce and WordPress, update the template override or plugin output. In custom React or headless storefronts, move the fix into shared components so merchandisers cannot reintroduce the issue with every campaign.

Code Example

<!-- Before -->
location.href = '/login';

<!-- After -->
sessionStorage.setItem('draftCheckout', JSON.stringify(formState));
location.href = '/login?return=/checkout/payment';

FAQ

What is WCAG 2.2.5?
When sessions expire, users should be able to continue the task after re-authenticating without losing what they already entered.

How does WCAG 2.2.5 affect ecommerce sites?
It affects ecommerce anywhere shoppers interact with b2b checkout logs users out and empties the cart. and account profile edits disappear after a timeout-based re-login. If those patterns are inaccessible, customers can miss product information, fail forms, or abandon checkout.

How to fix WCAG 2.2.5 violations?
Start by auditing the live storefront, then Persist form data, cart state, and uploads across re-authentication flows.; Return users to the same step after sign-in rather than the homepage.; Save draft data server-side for long workflows.. Prioritize templates and apps that repeat the issue across product, cart, checkout, and account pages.

Check if your store passes WCAG 2.2.5 → Free ADA Compliance Scan