Well thats my favvorite interview questions [img]/images/graemlins/smile.gif[/img] Let me list down some of them:
1. test with right uid and pw.
2. test with wrong uid and right pw
3. test with right uid and wrong pw
4. test with wrong uid and wrong pw
5. check the minimum and max password length (if there is any)
6. check other password policy.
7. Check the case sensitivity of uid and pw.
For different database backends, there are different types of strings you have to add at the end. In our online product, we collect form information from the tester and give a pre-crafted SQL Injections. What most of our users have told us is that they test their login functionality using our feature.
A lot of information is available on the web, and you can do this manually too.
<ul type="square">[*]www.testersdesk.com- The Online Tool Platform for Software Testers.[*]Building test engineering tools & training test engineers is what value-creation means to me in the race of Deterministic Technology.[/list]
Check the following:
1. Min and max acceptable characters for username field
2. Validation for username field such as whether it is allowing special char except underscores(_), periods(.)
3. Min necessary characters for password field
4. In our company, our developers usually check the password while typing and suggesting users to make password strong by adding special chars etc. So you can test that too.
5. Browser back after logging in behavior.
6. Refreshing page after login
7. popups arose out of invalid inputs and etc.