{"componentChunkName":"component---src-templates-tag-js","path":"/tags/testing-tips/","result":{"data":{"site":{"siteMetadata":{"title":"LoginRadius Blog"}},"allMarkdownRemark":{"totalCount":1,"edges":[{"node":{"fields":{"slug":"/engineering/loginscreen-testing-tips/"},"html":"<p>A <strong>login screen</strong> is a web <strong>page</strong> or an entry <strong>page</strong> to a web/mobile application that requires user identification and authentication, regularly performed by entering a username and password combination.\nThe login process is the most essential feature for any system/application as it provides access to an entire <strong>web-site/application</strong> or part of it. So, testing of the login screen needs complete coverage. </p>\n<p><span\n      class=\"gatsby-resp-image-wrapper\"\n      style=\"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 568px; \"\n    >\n      <span\n    class=\"gatsby-resp-image-background-image\"\n    style=\"padding-bottom: 61.9718309859155%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAMCAIAAADtbgqsAAAACXBIWXMAABYlAAAWJQFJUiTwAAABAElEQVQoz5WRMU7FMAyGextOwQW4AXdiZmZgYgQhMSJWJIQEGyw8oVLcpHp5aUhspwGHBtSCQH2fXKup6vr//1ZEZIzpe2s2G2v798UQYSVX27Zaa4Dc45CJY8V5DQW5SSnlYUT03o8fk0dxMWXYWhuZKcPbDYuMqZO0jOIZQ2iaRislztdrs11gIsC5PuOc92GhZtErfqvvQ0nyb5gjEo8l4SCGanyfv/h/21Q2UpDNHEL4ncc8xdzB4fkjSJ0+vF7XhmRYfL/UdQuglAKAruskuh/jccjnk7vVzsHZ/vHV7uHF3tGlffPlVw0T0lxe3vzZHdLts7qv9c0KnjrLhB/ptboRLdjeDQAAAABJRU5ErkJggg=='); background-size: cover; display: block;\"\n  ></span>\n  <img\n        class=\"gatsby-resp-image-image\"\n        alt=\"Login Screen\"\n        title=\"Login Screen\"\n        src=\"/static/d6d1c63e505b5c45c02d656bf8c80e93/10e91/Login-Page.png\"\n        srcset=\"/static/d6d1c63e505b5c45c02d656bf8c80e93/10e91/Login-Page.png 568w\"\n        sizes=\"(max-width: 568px) 100vw, 568px\"\n        style=\"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;\"\n        loading=\"lazy\"\n      />\n    </span></p>\n<p>Mentioned below are few tips that can be referred for testing the login screen of any system/application.</p>\n<p><strong>UI/UX:</strong></p>\n<ul>\n<li>Tab Order - Check if there is a logical order for using the tab key</li>\n<li>Focus on Username field - Check if, while landing on the page, the cursor is at the username field </li>\n<li>Use of enter key - Check if Login button is activated on selecting enter</li>\n<li>Accessibility - Check if all the fields on the page are correctly identified and labeled</li>\n<li>Look &#x26; Feel - Check if the page looks fine, and everything is aligned correctly.</li>\n<li>Content - Check if the content of the page is up to the mark. Are there any typos in the labels, controls of the screen?</li>\n<li>Links - Check if the page contains any existing links, and are these links still valid.</li>\n<li>Responsiveness - Check the responsiveness of the login screen in multiple sizes of computer monitors.</li>\n</ul>\n<p><strong>Security Checks:</strong></p>\n<ul>\n<li>Password - Check if the password shown or hidden(using asterisks)</li>\n<li>Password - Check if you can copy &#x26; paste the password from other applications.</li>\n<li>Password - Check if there is a minimum complexity on the password</li>\n<li>Password - Check if there is a 'Show password' option that is there or not. If yes, then check if it is working fine.</li>\n<li>Common Password Lookup - Check if the login screen is performing a lookup in the list of the most common passwords (<a href=\"https://en.wikipedia.org/wiki/List_of_the_most_common_passwords\">CommonPasswordsList</a>)</li>\n<li>View Source - Check the source code of the application and check if any valuable information given away in the HTML source code</li>\n<li>SQL Injection - Check if the login page is vulnerable to SQL input</li>\n<li>Pages - Check if you can access the other pages of the application without logging in.  </li>\n<li>URL Manipulation - Check if you are able to access the other pages of the application by editing the URLs, to gain access where it should not be allowed (without login).</li>\n<li>Multiple accounts - Check if by using different accounts, you can be logged in at the same time in the same browser</li>\n<li>Cookies - Check if you can edit and/or disable the cookies.</li>\n</ul>\n<p><strong>Functionality:</strong></p>\n<ul>\n<li>Login - Check the login functionality with valid/invalid credentials and without providing credentials.</li>\n<li>Logout - Check the logout functionality. Check on logging out; the user is logging out completely.</li>\n<li>Forgot password - Check if the forgot password option is available or not. And if it is there, does it work correctly. Also, check if it is prone to a security failure or URL manipulation</li>\n<li>Back and Forward buttons - Check how the application copes when using the browser's 'Back' and 'Forward' buttons.</li>\n<li>Remember me - Check if there is a \"Remember me\" option. And if it is present, then does it work as standard. Also, check what happens if the password is changed.</li>\n<li>Compatibility - Check the Login/Logout functionality with all possible valid/invalid cases in other browsers.</li>\n<li>Data - Check the username &#x26; password fields for data validation (Is there a minimum or maximum length of characters, boundary-values, what are the allowed characters, etc.).</li>\n<li>Error handling - Check how various errors are handled and displayed (for negative cases).</li>\n<li>Javascript-off test - Check if the login form still works when JavaScript is disabled.</li>\n<li>2FA Check - Check the login process when two-factor authentication is being provided; then test with valid/invalid token, test with valid/invalid backup code, test lockout procedure, and test recovery process.</li>\n</ul>\n<p><strong>Thanks for reading and happy testing!</strong></p>\n<style class=\"grvsc-styles\">\n  .grvsc-container {\n    overflow: auto;\n    -webkit-overflow-scrolling: touch;\n    padding-top: 1rem;\n    padding-top: var(--grvsc-padding-top, var(--grvsc-padding-v, 1rem));\n    padding-bottom: 1rem;\n    padding-bottom: var(--grvsc-padding-bottom, var(--grvsc-padding-v, 1rem));\n    border-radius: 8px;\n    border-radius: var(--grvsc-border-radius, 8px);\n    font-feature-settings: normal;\n  }\n  \n  .grvsc-code {\n    display: inline-block;\n    min-width: 100%;\n  }\n  \n  .grvsc-line {\n    display: inline-block;\n    box-sizing: border-box;\n    width: 100%;\n    padding-left: 1.5rem;\n    padding-left: var(--grvsc-padding-left, var(--grvsc-padding-h, 1.5rem));\n    padding-right: 1.5rem;\n    padding-right: var(--grvsc-padding-right, var(--grvsc-padding-h, 1.5rem));\n  }\n  \n  .grvsc-line-highlighted {\n    background-color: var(--grvsc-line-highlighted-background-color, transparent);\n    box-shadow: inset var(--grvsc-line-highlighted-border-width, 4px) 0 0 0 var(--grvsc-line-highlighted-border-color, transparent);\n  }\n  \n</style>","frontmatter":{"date":"October 30, 2020","updated_date":null,"title":"Login Screen - Tips and Ideas for Testing","tags":["LoginScreen","TestingTips"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/738ab0a6b8bc95b50a8be6d5d7419083/14b42/CoverImage.jpg","srcSet":"/static/738ab0a6b8bc95b50a8be6d5d7419083/f836f/CoverImage.jpg 200w,\n/static/738ab0a6b8bc95b50a8be6d5d7419083/2244e/CoverImage.jpg 400w,\n/static/738ab0a6b8bc95b50a8be6d5d7419083/14b42/CoverImage.jpg 800w,\n/static/738ab0a6b8bc95b50a8be6d5d7419083/47498/CoverImage.jpg 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Sudhey Sharma","github":"sudheysharma","avatar":null}}}}]}},"pageContext":{"tag":"TestingTips"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}