Open In App

Test Cases for Password and Forgot Password Functionality

Improve
Improve
Like Article
Like
Save
Share
Report

A secure gateway for any platform holding the personal details of the user is very important. Therefore, it is very crucial to create a secure, non-faulty login page and testers should keep in mind all the possibilities while designing the test cases. The article focuses on discussing the test cases for password and forgot password functionality on the login page.

Test Cases for Password Functionality

Below are some of the possible test cases for the password functionality:

Features to be tested

Test Cases 

Password field
  1. Verify that the password field is visible and enabled on the login page.
  2. Enter a valid password in the password field and verify that the user is able to log in successfully.
  3. Enter an invalid password in the password field and verify that the user is unable to log in.
  4. Enter a password in the password field and then delete it to verify that the password field is able to clear itself.
Password
  1. Testing that the password must contain a certain number of characters from different character sets.
  2. Testing that the password cannot be the same as the username.
  3. Testing that the password cannot be a commonly used password.
  4. Testing that the password must be a certain length. A valid password should be at least 8 characters long and include a mix of letters, numbers, and special characters.
  5. An invalid password should be less than 8 characters long, not include a mix of letters, numbers, and special characters, or include common words or phrases.
Password functionality
  1. A test case for the password functionality should include testing for a valid password, an invalid password, and a forgotten password.
  2. A test case for the password functionality should include testing for a minimum password length.
  3. A test case for the password functionality should include testing for a maximum password length.
  4. A test case for the password functionality should include testing for the inclusion of at least one uppercase letter.
  5. A test case for the password functionality should include testing for the inclusion of at least one lowercase letter.
  6. A test case for the password functionality should include testing for the inclusion of at least one numeric character.
  7. A test case for the password functionality should include testing for the inclusion of at least one special character.
  8. A test case for the password functionality should include testing for the exclusion of certain characters that may be easily guessed, such as consecutive letters or numbers.
  9. A test case for the password functionality should include testing for the enforcement of password expiration dates.
  10. A test case for the password functionality should include testing for the ability to reset a forgotten password.
  11. A test case for the password functionality should include testing for the display of password strength indicators.
Password reset
  1. A forgotten password should prompt the user to enter their email address so that a reset password link can be sent.
  2. Once the reset password link is clicked, the user should be taken to a page where they can enter a new password.
  3. The new password should be confirmed before it is accepted.
  4. After a successful password reset, the user should be able to log in with their new password.
  5. Verify that the user is unable to reset their password if they have not answered their security questions correctly.
  6. Verify that the user is able to reset their password if they have answered their security questions correctly.
Password change
  1. Verify that the user is able to change their password if they know their current password.
  2. Verify that the user is unable to change their password if they do not know their current password.

Test Cases for Forgot Password Functionality

Below are some of the possible test cases for forgot password functionality:

Features to be tested

Test cases

Forgot password link
  1. Verify that the forgot password link is visible and enabled on the login page.
  2. Click on the forgot password link and verify that the user is taken to the forgot password page.
  3. Enter an invalid email address in the email field on the forgot password page and verify that the user does not receive an email
Forgot password functionality
  1. Test the forget password functionality with a valid email address and check if the password reset link is received.
  2. Test the forget password functionality with an invalid email address and check if the error message is displayed.
  3. Test the forget password functionality by trying to reset the password without entering the email address and check if the error message is displayed.
  4. A test case for the “forgot password” functionality should check that the user is shown a confirmation message after successfully resetting their password.
  5. A test case for the “forgot password” functionality should check that the user is redirected to the login page after successfully resetting their password.
  6. A test case for the “forgot password” functionality should check that the user is shown an error message if they try to reset their password more than the maximum number of times allowed.
  7. A test case for the “forgot password” functionality should check that the user is locked out of their account if they try to reset their password more than the maximum number of times allowed.
  8. Test the forget password functionality by trying to reset the password with a valid email address and check if the password reset link is received.
Password reset
  1. Testing that the user receives an email with instructions on how to reset their password.
  2. Enter a valid email address in the email field on the forgot password page and verify that the user receives an email with a reset password link.

Last Updated : 05 Nov, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads