Home > Others

Login Function Test Summary

Source: Internet
Author: User
Tags sql injection attack
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Simple summary of the login function of the test point, the Internet also has a lot of posts can be consulted, here to make a record, convenient for later access and use:

First, the basic function test:

    1. Enter the correct user name and password to log on successfully
    2. Enter the wrong username password login failed
    3. The user name is correct, the password is wrong, are you prompted for a password error?
    4. User name error, password OK, are you prompted to enter a user name error?
    6. Is there a hint when the user name password is empty?
    8. logged out user Login failed, prompt information friendly? Does the
    9. password box appear encrypted? Does the
    10. user name support Chinese, special characters? Does the
    11. user name have a length limit? Does the
    12. password support Chinese, special characters? Does the
    13. password have a length limit? is the
    14. password case-sensitive? is the
    15. password prompt for modifications when it is a simple, common string? such as: 123456
    16. How is the password stored? Is it encrypted? is the
    17. login function required to enter a verification code?
      1. Validation code valid time?
      2. Code input error, Login failed, prompt information is friendly?
      3. Enter expired authentication can I log on successfully?
      4. is the verification code easy to identify?
      5. is the captcha feature available? Can I click the captcha image to change the verification code?
    18. user system: For example, the system is divided into ordinary users, advanced users, different users can log on to the system after different permissions.
    19. If you use a third-party account (QQ, Weibo account) to log in, then the third-party account and the system's account system corresponding relationship how to save? First logon requires a totalitarian wait

Second, the page test:

    1. Does the sign-in page appear normal? Text and pictures can be normal display, the corresponding prompt information is correct, button settings and arrangement is normal, the page is simple and spectacular.
    2. Whether the default focus of the page is located in the input box of the user name
    3. is the corresponding input box empty at the first logon? Or if you have a default copy, does the default scheme disappear when you click the input box?
    4. The corresponding button such as login, reset and so on, whether the page's forward, rewind, refresh button is available?
    5. Shortcut key Tab,esc,enter, etc., can control the use of
    6. Compatibility test: Different browsers, different operating systems, different resolutions of the interface is normal

three . Safety test:

    1. do not log in: The browser directly enter the address after login, to see if you can directly enter the
    2. login successfully generated after the cookie, whether it is httponly (otherwise easy to be scripted)

    3. is the user name and password sent to the Web server

    4.  

    5.  

      The user name and password input box should block the SQL injection attack

    6.  

      The input box for username and password should prohibit input script (prevent XSS attack)

    7.  

      The number of error login limit (prevent brute force)

    8.  

      Consider whether multiple users are supported to log on on the same machine;

    9. Consider a user logging on on multiple machines

four . Performance test:

    1. Whether the response time of single-user login system conforms to the "3-5-8" principle
    2. The number of users at the critical point when concurrent logins can also comply with the "3-5-8" principle
    3. Pressure: A large number of concurrent user logins, what is the response time of the system? Will there be downtime, memory leaks, CPU saturation, and no sign-in?
    4. Stability: Can the system process the number of concurrent users in a continuous login to n at the point of the scene?

five . Other tests:

    1. Input 3 or more consecutive error password, remember whether to be locked for a certain time (such as: 15 minutes)? The time is not allowed to log in, beyond the point of time can continue to log in.
    2. After the user session expires, will re-login again return to the previous session expired page?
    3. User name and password input box is the thing that supports keyboard shortcuts? such as: Undo, Copy, paste, etc.
    4. Do you want to allow users with the same name to log in simultaneously? Consider web and app simultaneous logins
    5. When mobile phone log on, whether to determine the network is available?
    6. When you log in, do you first determine if the app has a new version?
    7. Do you support single sign-on?
    8. Is there a buried interface?

Login Function Test Summary

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or

Related Keywords:
pearson test login test sql function split function test dynamic function test phpunit test function test php function online test php mail function

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More