How to write Test Cases for a Login Page

In any application, logging in is the process to access an application by an individual who has valid user credentials. Logging in is usually used to enter a specific page, which trespassers cannot see. In this post, we will see the “Test Scenarios Login Page”. Testing of the Login page is very important for any application in terms of the security aspect. We will try to cover the most widely used Login Page scenarios here.

Must Read: Test Case Template With Detailed Explanation

We usually write test cases for the login page for every application we test. Every login page should have the following elements.

  1. ‘Email/Phone Number/Username’ Textbox
  2. ‘Password’ Textbox
  3. Login Button
  4. ‘Remember Me’ Checkbox
  5. ‘Keep Me Signed In’ Checkbox
  6. ‘Forgot Password’ Link
  7. ‘Sign up/Create an account’ Link
  8. CAPTCHA

Test Scenarios Login Page

Here we focus on the following to write test cases for a login page.

We have to write test cases on each object in the login form.

  • We have to write both positive and negative test cases.
  • We have to write both funcitonal and nonfunctional test cases.
  • We have to write UI, functional, compatibility and performance test cases.

Following are the test cases for User Login Page. The list consists of both Positive and Negative test scenarios login page.

Must Read: Test Plan Template With Detailed Explanation

Test Cases of a Login Page (Test Scenarios Login Page):

  1. Verify that cursor is focused on the “Username” text box on the page load (login page)
  2. Verify that the login screen contains elements such as Username, Password, Sign in button, Remember password check box, Forgot password link, and create an account link.
  3. Verify that tab functionality is working properly or not
  4. Verify that Enter/Tab key works as a substitute for the Sign-in button
  5. Verify that all the fields such as Username, Password has a valid placeholder
  6. Verify whether all the text boxes have a minimum and maximum length.
  7. Verify that the labels float upward when the text field is in focus or filled (In case of the floating label)
  8. Verify that the User is able to Login with Valid Credentials
  9. Verify that the User is not able to Login with an invalid Username and invalid Password
  10. Verify that the User is not able to Login with a Valid Username and invalid Password
  11. Verify that the User is not able to log in with an invalid Username and Valid Password
  12. Verify that the User is not able to log in with a blank Username or Password
  13. Verify that the User is not able to Login with inactive credentials
  14. Verify that the reset button clears the data from all the text boxes in the login form
  15. Verify that the login credentials, mainly password stores in a database in an encrypted format
  16. Verify that clicking on the browser back button after successful login should not take the User to log out mode
  17. Verify that clicking on the browser back button after successful logout should not take the User to a logged-in mode
  18. Verify that there is a limit on the total number of unsuccessful login attempts (No. of invalid attempts should be based on business logic. Based on the business logic, User will be asked to enter the captcha and try again or user will be blocked)
  19. Verify that the password is in encrypted form  (masked format) when entered
  20. Verify the password can be copy-pasted. System shouldn’t allow users to copy paste password.
  21. Verify that encrypted characters in the “Password” field should not allow deciphering if copied
  22. Verify that the User should be able to login with the new password after changing the password
  23. Verify that the user should not be able to login with the old password after changing the password
  24. Verify that spaces should not be allowed before any password characters attempted
  25. Verify whether the user is still logged in after a series of actions such as sign-in, close the browser, and reopen the application.
  26. Verify that the ways to retrieve the password if the user forgets the password
  27. Verify that the “Remember password” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
  28. Verify that the “Keep me logged in” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
  29. Verify that the timeout of the login session (Session Timeout)
  30. Verify that the logout link is redirected to login/home page
  31. Verify that User is redirected to appropriate page after successful login
  32. Verify that the User is redirected to the Forgot password page when clicking on the Forgot Password link
  33. Verify that the User is redirected to the Create an account page when clicking on the Signup / Create an account link
  34. Verify that validation message is displayed in the case when User leaves Username or Password as blank
  35. Verify that validation message is displayed in case of exceeding the character limit of the Username and Password fields
  36. Verify that validation message is displayed in case of entering special character in the Username and password fields
  37. Verify whether the login form is revealing any security information by viewing the page source
  38. Verify that the login page is vulnerable to SQL injection
  39. Verify whether Cross-site scripting (XSS ) vulnerability works on a login page. XSS vulnerability may be used by hackers to bypass access controls.
    If there is a captcha on the login page (Test Cases for CAPTCHA):
  40. Verify that whether there is a client-side validation when the User doesn’t enter the CAPTCHA
  41. Verify that the refresh link of CAPTCHA is generating the new CAPTCHA
  42. Verify that the CAPTCHA is case sensitive
  43. Verify whether the CAPTCHA has audio support to listen
  44. Verify whether virtual keyboard is available and working properly to enter login credentials incase of banking applications.
  45. Verify two-way authentication through OTP is working properly incase of banking applications.
  46. Verify SSL certificate is implemented or not
  47. Verify the login page and all the fields in the login page are displaying without any break in different browsers
    Cookies – Learn Website Cookie Testing
  48. Verify that the user is able to login when the browser cookies are cleared. When the cookies are cleared, system should not allow user to login automatically.
  49. Verify the login functionality when the browser cookies are turned off.

Must Read: Test Scenarios of a Signup form

Writing test cases for an application takes a little practice. A well-written test case should allow any tester to understand and execute the tests and make the testing process smoother and saves a lot of time in the long run. Earlier we have posted a video on How To Write Test Cases. I am concluding this post “Test Scenarios Login Page / Test Scenarios of Login form”.

Like this post? Don’t forget to share it! If you have queries, please comment below.

Here are a few hand-picked articles for you to read next:

Sharing is caring.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Like This Post?

We have a lot more where that came from?

We only send really good stuff occasionally, promise.

Rajkumar

4 thoughts on “How to write Test Cases for a Login Page”

  1. Very nice page.
    Would be usefull for me als a page special for security testing for beginners. How to make security testing . If any such page is known i appreciate for feedback.
    Thanks again for nice scenario collection

  2. Its a very knowledgeable page… Best page to learn things and get clear understanding about the topics.. Thank you for creating this page

  3. very useful to us its giving how to write test cases it is purely endorsed
    we are very clearly undestood this topic its very helpful

    • Happy testing. Please share about this blog with your friends.

Leave a Comment

API Testing eBook

DOWNLOAD FOR FREE