While doing an authentication testing is this necessary that we should test the application for the condition "LoginId / MemberId and Password can not be same?"
This depends - if the requirements or companies security policies state that the login id and password should not be the same then this testing should be included.
If the requirements/security policies do not state this then it does not need to be included in the test - however I would questions the requirements/security policy.
[ 02-01-2005, 05:58 AM: Message edited by: lynneM ]
I have not failed. I've just found 10,000 ways that won't work" --Thomas Edison
Thanks LynneM ....