What is a login screen or page?
A login screen is a website or the home page of an online or mobile application that requests user identification and authentication. It is often done by providing a username or email address and password combination.
Since it grants access to a complete website or application, or at least a portion of it, therefore, the login screen needs to be thoroughly tested.
When creating test cases or test scenarios for a login page, a mix of positive and negative test cases should be used. Make sure to cover performance, security, and functional scenarios.
A username, password, 'Sign In' button, cancel button, and forgot password link may be present. There may be one more control, a checkbox labelled 'remember me,' to remember the login information on a specific machine.
32 tips for login page testing
The tips listed below can be used to test the login screen of any system/application.
1. Test the login process with and without credentials to compare the results.
2. Check whether a user will be able to log in with a valid username and password.
3. Check whether a user can log in with a valid username but an invalid password.
4. Check the login functionality when the required fields (username and password) are empty and the Submit button is pressed.
5. Make sure to test the ‘Forgot Password’ feature.
6. Check the popup messages when invalid login information is provided.
7. Check to see whether a "Remember me" option is available. And does it function normally? Check what transpires if the password is modified as well.
8. Verify if the data in the password field is hidden, visible as an asterisk or a bullet sign.
9. Check if a user can login with a new password, and only if he changed the password.
10. Check if the login page allows you to log in with different credentials in a different browser at the same time.
11. Check that the keyboard's 'Enter' key works properly on the login page.
12. Check the login session's timeout functionality to verify that the system automatically logs out the user when the session expires.
13. Check if the font, text color, and color coding on the Login page are standard.
14. Check if a 'Cancel' button is available to delete the entered text.
15. Test the login page and all of its controls in various browsers.
16. Check if a user can enter more than the specified number of characters in each field (Username and Password).
17. Validate data by looking at the username and password fields (Is there a minimum or maximum length of characters, boundary values, what are the allowed characters, etc.).
18. Verify the login page by pressing the browser's 'Back' button. After you log out, you should not be able to log back in.
19. Determine whether a user should be prevented from logging in with multiple credentials from the same browser at the same time.
20. Verify the logout feature. Check if the user is truly logged out.
21. Forgot Password - Verify whether the option to reset your password is available. And if it exists, does it function properly? Is it vulnerable to a security breach or URL manipulation?
22. Check the application's performance by using the "Back" and "Forward" buttons on the browser.
23. Check the Login/Logout feature in different browsers with all potential valid/invalid scenarios for compatibility.
24. Check the way different errors are handled and displayed (for negative cases).
25. When two-factor authentication is enabled, check the login process. Next, test the token with a valid or incorrect backup code, the lockout method, and the recovery process.
26. Examine the login screen's responsiveness on various computer monitor sizes.
27. Examine the ability to copy and paste the password from other programs.
28. Check the password's minimum complexity before using it.
29. Verify whether the "Show password" option is available, if so, see if it's functioning properly.
30. Verify if the user can access other pages of the application without logging in.
31. Check if you can log in to multiple accounts simultaneously in the same browser by using separate accounts.
32. Examine your ability to modify and/or disable cookies.
The login page has fewer controls, so even though it appears simple for testing, it should not be considered as a simple task.
Tools for login page testing
Automation testing requires a good understanding of different automation tools and frameworks. Selenium is the most popular of these tools due to its ease of use and relevant features. Selenium is a tool for automating tests on websites in order to monitor their performance. Agilitest is another good option as it provides a no-code platform for functional test automation.
A login page can also be tested manually.