Shulou(Shulou.com)06/03 Report--

Testing web login can be divided into five aspects: function test, interface test, performance test, security test and compatibility test.

Confirm whether the login entry is a web page login or a pop-up window entry.

Functional testing:

1. Log in successfully

Log in to the page with the correct user name and password

The page jumps to the website page correctly

two。 Login failed

Do not enter the user name and password, click to log in directly, relevant information prompt

Log in with the correct user name and the wrong password, indicating that the password is wrong

Login with the wrong user name and the wrong password, indicating that the user name does not exist

3. Input rule validation

The user name and password input is too long or too short

Login with spaces or other special characters in the user name and password

4. Password display

Password ciphertext display

Keyboard case prompt when entering password

5. Remember password function

Check password authentication

The wrong password does not record work.

-Auxiliary testing function-

6. CAPTCHA input

Verify the login function

Cannot log in without entering CAPTCHA and prompt for CAPTCHA

CAPTCHA expiration function

7. Enter key login

Enter your user name and password and press enter to log in.

8. Register, forget password

Hyperlink to the relevant page

Interface testing:

1. Enter the user name, password, two TEXTBOX, login button alignment

two。 The input box is highly in line with user needs and aesthetic standards.

Performance testing

1. Open the login interface to jump function.

two。 After the user logs in to the interface, the page jumps to function.

Security testing

Whether the Cookie generated after a successful login is httponly (otherwise it is easy to be stolen by the script) whether the user name and password sent to the Web server are verified by encryption should be verified by the server, instead of using javascript to verify the user name and password input box on the client side, the input box of SQL injection * * user name and password should be blocked. It should be forbidden to enter scripts (to prevent XSS***) to limit the number of wrong logins (to prevent violent cracking). Consider whether to support multiple users to log in on the same machine. Consider the function of automatic offline sleep after a user logs in on multiple machines.

Compatibility Test (Compatibility Test)

Can mainstream browsers show whether different platforms are working properly (IE,6,7,8,9, Firefox, Chrome, Safari, etc.), such as whether Windows and Mac mobile devices work properly, such as different resolutions of Iphone and Andriod

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.