Are following the business before the test, I have no contact with the public testing of the module.
Recently there is a small task to test the login page, where you record the test point -
A functional test
Account password is correct, successful login
account is empty, suggesting enter the account
password is blank, prompt enter password
account error, login failed, suggesting account password wrong or
the wrong password, the login fails, prompt the account or password
enter the account does not exist, whether Tip password does not exist, please register?
Whether the encryption password input box displayed?
Account whether the case-sensitive password?
Page text and image display is normal?
The default page if the focus is positioned in the user name input box?
If there is a default input box copy? Click on the input box disappears?
Tab / Enter key to whether you can use?
Password input box supports copy and paste?
Whether encryption password input box displayed?
How long after a user logs expire?
User repeatedly enter the wrong password is locked for some time does not permit login? Beyond the point in time you can continue to log on
after the user session expires, whether it can return to re-login page, before the session expired?
Second, the performance test
Open to all login page rendering is complete How long?
Enter the correct account password to log how long?
How many users need to be able to support concurrent login? The maximum number of users log on response time requirement is how much?
Third, compatibility testing
Open in a different type of browser page, whether the login function properly
open the page in different resolutions, whether functioning login
page opens in a different operating system, log function is normal
four safety tests
Request login interface user name and password are transmitted in clear text to the server?
Enter the URL after login directly in the browser, whether to jump the login page?
Generated after login Cookie, whether it is httponly?
User name and password input box whether masked SQL injection?
Enter the user name and password input box whether masked script?
Password is entered incorrectly multiple times, you are locked?
Whether to support multi-user login on the same machine?
Whether to support the same user is logged on multiple machines?
It's just a login page, only account input box, enter the password and login button box, single-case scenario testing in a correct account of the known, relatively simple.
If it involves verification code, remember passwords, registration, user access control and other requirements still need to be designed and practical application test point ~