Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reusable Test Case For Login Module Author: Ashwin C Reference: Q-Patterns by Vipul Kocher from PureTesting.com Version No: 1.0 Created Date: 02/08/2007.

Published bySilas Owen Modified over 9 years ago

Similar presentations

Presentation on theme: "Reusable Test Case For Login Module Author: Ashwin C Reference: Q-Patterns by Vipul Kocher from PureTesting.com Version No: 1.0 Created Date: 02/08/2007."— Presentation transcript:

1 Reusable Test Case For Login Module Author: Ashwin C Reference: Q-Patterns by Vipul Kocher from PureTesting.com Version No: 1.0 Created Date: 02/08/2007

2 Slide 2 A quick introduction What this presentation is about: –These are a set of test questions that will help validate the ‘authentication’ module of the product. The questions are categorized into: –Functionality questions –User Interface questions –Security questions –Appendix Who can use this? –Test engineers who need to test web based authentication –Developers who need to implement this module –Designers involved in specifying the authentication design

3 Slide 3 Functionality User-Id/Password constraints/properties –What is the min/max length of User-Id/Password? –Are they mandatory to be alphanumeric/numeric only? –Should the password contain at least one special character/non- alphabet? –Is User-Id/Password case sensitive? –Are Blank password allowed? –Can characters like #,$,or accented characters such as ç,è be used? –Can Password contain only space? –Can space be allowed in between User-Id/Password? –Is trimming done for Leading/Trailing White Spaces? Successful Login –Is the next screen presented to the User based on User Role? –Can a User Log into the application multiple times, without logging out?

4 Slide 4 Functionality continued Login failure, is there a limit on number of attempts? –What is the number of allowed retries for login failure? –What happens after all retries are exhausted? Password change –Test for ‘new password’ and ‘confirm password’ to be identical –Try with CAPS and small letters –Try with one password having leading/trailing spaces –Can it be reset to the same password again? –Can it be reset to a previously used password? Can User request a password reset, if he has forgotten the password?

5 Slide 5 User Interface What is the strategy for conveying login failure? –Exact error cause (User does not exist, password is incorrect) shown or a generic message about any one of them being incorrect shown? –Where is cursor placed after login failure message is dismissed? –User-Id/password or both blanked out after incorrect login? Verification of the error message for clarity/communication in the below scenarios –When number of retries exceeds the configured value. –When an "Inactive/Locked" User tries to Login. –Does field name displayed in the Screen/UI and that displayed in the error message match? Key Usage –Is the password cleared, when the browser Back button is used after Login?

6 Slide 6 Security Login, copy the browser URL, sign-out and paste the URL and try to break in Login, logout, go ‘back’ and try to use the application – it should fail Test for ‘SQL injection’ Are they encrypted before storing? If yes what is the encryption algorithm used? Are encrypted passwords accepted ? Encryption before transmission? Number of failed login allowed ? Display of password in debug logs? Expiry of session after some interval of inactivity?

7 Slide 7 Appendix – Additional test questions Response time performance –What is the time taken for authentication? (It may depend upon…) –Repository for password storage –Encryption algorithm –Connectivity –What is the time taken for displaying next screen? –What is the time taken for notification of login failure? –What is the response time for above scenarios when there are multiple simultaneous logins happening? Storage performance –Is the storage independent of User-Id and password length? –Does the storage adjust itself when Users are deleted?

8 Slide 8 Appendix – continued Is there a ‘Auto load the Password’ feature? –When a user specifies the login name, password gets pre- populated –Can this be turned off? –Can saved passwords be “unsaved”? –What is the limit on number of saved used id-password combinations? –Where is this information saved? Is there a ‘Remember Me’ feature? –Can this be turned off? –Is the User logged in on loading the application? –Is the Home page/selected(Book Mark) screen presented to the User? –Where is this information saved?

9 Slide 9 Appendix – continued Does the password expire? –In how many days? (Say X) –Can the User set the value of X? –Can Administrator set “Password does not expire” for a User? Can End-of-Line Characters be allowed in between the User-Id/Password?

10 Slide 10 www.trigent.com Contact Trigent 2 Willow Street, Suite #201 Southborough, MA 01745 USA nagendra_r@trigent.com +1-877-3TRIGENT

Download ppt "Reusable Test Case For Login Module Author: Ashwin C Reference: Q-Patterns by Vipul Kocher from PureTesting.com Version No: 1.0 Created Date: 02/08/2007."

Similar presentations

Page 1 of 12 To the ETS - Correspondence Online Training Course Welcome The Correspondence functionality is an online service that enables clients to receive.

Page 1 of 12 To the ETS - Correspondence Online Training Course Welcome The Correspondence functionality is an online service that enables clients to receive.
Web Shift Booking System

Web Shift Booking System
My System Profile and Password Reset Instructions PART 1 For every Core-CT User ID follow these steps to use the Automated Password Reset feature: 1.Log.

My System Profile and Password Reset Instructions PART 1 For every Core-CT User ID follow these steps to use the Automated Password Reset feature: 1.Log.
Welcome to the Award Winning Easiest to Use & Most Advanced View, Manage, and Control Security, Access Control, Video, Energy & Lighting Systems, & Critical.

Welcome to the Award Winning Easiest to Use & Most Advanced View, Manage, and Control Security, Access Control, Video, Energy & Lighting Systems, & Critical.
DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.

DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.
Your NEW Social Services Verification Tool

Your NEW Social Services Verification Tool
Information Services Portal Login/Logout. LOGIN PAGE Please refer to the following pages for scenarios 1, 2 and 3 Please refer to the ‘Guest User’ User.

Information Services Portal Login/Logout. LOGIN PAGE Please refer to the following pages for scenarios 1, 2 and 3 Please refer to the ‘Guest User’ User.
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.

Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.
Find the best way to finance your future 0800 88 99 00 | www.studylink.govt.nz Verification of Study Online Online Institution Interface (OII) Training.

Find the best way to finance your future | Verification of Study Online Online Institution Interface (OII) Training.
Text 1 July, 2010 DCMS: Training Manual Consumer Portal.

Text 1 July, 2010 DCMS: Training Manual Consumer Portal.
Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.

Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.
Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.

Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.
How to Login into SSA ?. Home Page https://ssa.mahindrasatyam.com Click on My Profile.

How to Login into SSA ?. Home Page Click on My Profile.
1. 2 Overview of AT&T EPIC Ordering Process for SUS (Supply Order) Suppliers 1.AT&T User creates shopping cart on internal web-based portal 2.Shopping.

1. 2 Overview of AT&T EPIC Ordering Process for SUS (Supply Order) Suppliers 1.AT&T User creates shopping cart on internal web-based portal 2.Shopping.
Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.
Lawson System Foundation 9.0

Lawson System Foundation 9.0
Health and Wellness for all Arizonans Bureau of EMS and Trauma System Secure, Encrypted, On-Line EMS Services System 2015 Training Programs System Instruction.

Health and Wellness for all Arizonans Bureau of EMS and Trauma System Secure, Encrypted, On-Line EMS Services System 2015 Training Programs System Instruction.
Employee Self Service (ESS) Version 2.04.0.0. Employee Self Service  access from any computer  view their elected withholding, earnings summary, check.

Employee Self Service (ESS) Version Employee Self Service  access from any computer  view their elected withholding, earnings summary, check.
Basic Navigation in SAP For the Windows Graphical User Interface (GUI) Click your mouse anywhere or select “Page Down” to scroll through the pages.

Basic Navigation in SAP For the Windows Graphical User Interface (GUI) Click your mouse anywhere or select “Page Down” to scroll through the pages.

Similar presentations

Ads by Google