Test Scenarios Login Page
In any application, logging in is the process to access an application by an individual who has valid user credentials. Logging in is usually used to enter a specific page, which trespassers cannot see. In this post, we will see “Test Scenarios Login Page”. Testing of the Login page is very important for any application in terms of security aspect. We will try to cover most widely used Login Page scenarios here.
Must Read: Test Case Template With Detailed Explanation
We usually write test cases for login page for every application we test. Every login page should have the following elements.
- ‘Email/Phone Number/Username’ Textbox
- ‘Password’ Textbox
- Login Button
- ‘Remember Me’ Checkbox
- ‘Keep Me Signed In’ Checkbox
- ‘Forgot Password’ Link
- ‘Sign up/Create an account’ Link
Following are the test cases for User Login Page. The list consists of both Positive and Negative test scenarios login page.
Must Read: Test Plan Template With Detailed Explanation
Test Cases of a Login Page (Test Scenarios Login Page):
- Verify that cursor is focused on “Username” text box on the page load (login page)
- Verify that the login screen contains elements such as Username, Password, Sign in button, Remember password check box, Forgot password link, and Create an account link.
- Verify that tab functionality is working properly or not
- Verify that Enter/Tab key works as a substitute for the Sign in button
- Verify that all the fields such as Username, Password has a valid placeholder
- Verify that the labels float upward when the text field is in focus or filled (In case of floating label)
- Verify that User is able to Login with Valid Credentials
- Verify that User is not able to Login with invalid Username and invalid Password
- Verify that User is not able to Login with Valid Username and invalid Password
- Verify that User is not able to Login with invalid Username and Valid Password
- Verify that User is not able to Login with blank Username or Password
- Verify that User is not able to Login with inactive credentials
- Verify that clicking on browser back button after successful login should not take User to log out mode
- Verify that clicking on browser back button after successful logout should not take User to logged in mode
- Verify that there is a limit on the total number of unsuccessful login attempts (No. of invalid attempts should be based on business logic. Based on the business logic, User will be asked to enter captcha and try again or user will be blocked)
- Verify that the password is in encrypted form when entered
- Verify the password can be copy-pasted
- Verify that encrypted characters in “Password” field should not allow deciphering if copied
- Verify that User should be able to login with the new password after changing the password
- Verify that User should not be able to login with the old password after changing the password
- Verify that spaces should not be allowed before any password characters attempted
- Verify that whether User is still logged in after series of actions such as sign in, close browser and reopen the application.
- Verify that the ways to retrieve the password if the User forgets the password
- Verify that “Remember password” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
- Verify that “Keep me logged in” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
- Verify that the timeout of the login session (Session Timeout)
- Verify that the logout link is redirected to login/home page
- Verify that User is redirected to appropriate page after successful login
- Verify that User is redirected to Forgot password page when clicking on Forgot Password link
- Verify that User is redirected to Create an account page when clicking on Sign up / Create an account link
- Verify that validation message is displayed in case when User leaves Username or Password as blank
- Verify that validation message is displayed in case of exceeding the character limit of the Username and Password fields
- Verify that validation message is displayed in case of entering special character in the Username and password fields
- Verify whether the login form is revealing any security information by viewing page source
- Verify that the login page is vulnerable to SQL injection
- Verify whether Cross-site scripting (XSS ) vulnerability work on a login page. XSS vulnerability may be used by hackers to bypass access controls.
If there is a captcha on the login page (Test Cases for CAPTCHA):
- Verify that whether there is a client-side validation when User doesn’t enter CAPTCHA
- Verify that the refresh link of CAPTCHA is generating new CAPTCHA
- Verify that the CAPTCHA is case sensitive
- Verify whether the CAPTCHA has audio support to listen
Must Read: Test Scenarios of a Signup form
Writing test cases for an application takes a little practice. A well-written test case should allow any tester to understand and execute the tests and make the testing process smoother and saves a lot of time in long run. Earlier we have posted a video on How To Write Test Cases. I am concluding this post “Test Scenarios Login Page / Test Scenarios of Login form”.
Like this post? Don’t forget to share it! If you have queries, please comment below.
Here are a few hand-picked articles for you to read next: