A secured gateway for any website, social media platform, or platform holding personal information is very crucial. Therefore, creating a non-faulty login page is very important. That is why while writing test cases for Password or test cases for Forgot Password functionality, one should be very careful and keep in mind all the user scenarios. Any loophole will risk the user’s personal information as well as unauthorized access to sensitive information. Here are some test scenarios for password and forgot password functionality.
I hope these will be helpful next time you are required to list down scenarios for a similar situation.
Test Cases for Password
- Verify that a separate field for entering the password is visible.
- Verify that the login should not be possible without a valid password.
- Verify the limit of the number of characters for the Password matches the specified range.
- Verify that a blank value is not allowed in the password field.
- Check if the password is masked or visible in the form of asterisks to ensure secured login.
- Check if an error message appears for an invalid password.
- Check if the login is possible with the new password after the password is reset.
- Verify that login is only possible within the specified time limit after the password is entered.
- Verify if the font size, color, and style match the specified requirements.
- Verify that for security reasons, unwanted characters are not allowed to be entered in the password field. For example, characters that can lead to SQL injection and cross-site scripting (XSS) attacks should not be allowed in the password field.
Test Cases for Forgot Password
- Check if the forgot password option is shown right after the wrong password is entered.
- Verify if the forgot password link is working correctly and landing on the correct page.
- Check if the forgot password link is directed to the right page i.e. forgot password page.
- Verify that the link to change the password is sent to the user’s emailId only.
- Verify that the security questions asked are the same as the ones that the user entered during sign-up.
- Verify that if a wrong answer is entered to any security question, it should not proceed to the next question.
- Verify that the new password matches with required specifications for the password value. For example, it should allow a combination of special characters, upper case characters, numerics, etc.
- Verify that the login should be possible with the newly changed password.
- Check if the link gets expired once the user has set a new password.
- Check if the link is live/applicable for one-time use only.
- Verify that the link is working only for a specified period of time and then shows a time-out message.
- Verify that the user should not be allowed to request forgot password frequently.
This completes our tutorial on test cases for password and test cases for Forgot password feature.