Test Ideas for a Login Screen

I was reading Wired over the weekend and came across this article of Mister John Null. Just like most Irish people (e.g. O’Donnel) he too is not accepted as a person when signing up for online services.

The article: https://www.wired.com/2015/11/null/amp/

Question to all you testers out there: is there a set of names that you test against to ensure they are accepted by the system you’re testing for?

I have a few sets I try but I’m definitely guilty of not enough coverage of names. My usual set includes accents (fada in Irish language) á é í ú ó names with Hyphens e.g. Anne-Marie Reid-Duff. I’m amazed with the amount of forms that accept hyphens in one name field and not the other. Apostrophes are another interesting one D’arcy as a first name for example.

I’ve also seen cases where you could sign up with all of these things but you couldn’t sign in with them. @dominic1 has a good set of examples that he uses too if I recall correctly :smile:

1 Like

Not sure if it’s of value here, but I have here a small list of names I use for testing with the expected result from it:

  • Michelangelo van Dam: testing last name “van Dam” is not capitalised as “Van Dam”
  • Dr. John M. Smith, Jr.: testing the dots are accepted for abbreviation of prefix, middle name and suffix (one name field testing)
  • Kevin O’Donnel: testing that an Irish name is accepted and not turned into “ODonnel”
  • Jane Cock: testing that the name is not flagged as “improper”
  • Sébastian Gruße: testing that some foreign characters are not rejected or removed making “Grue”
  • Kees-jan Klaassen: testing hyphens are not removed turning first names into “Keesjan”
  • محمد أكبر: testing right-to-left direction and unicode characters

After reading the Wired article, I added: John Null: testing Null is not considered a reserved word.

4 Likes

there are a good collection of tricky names in: https://gojko.github.io/bugmagnet/
Capture

even more tricky strings here: https://github.com/minimaxir/big-list-of-naughty-strings

9 Likes

Hey @jesper, thank you for these links! I’ve just bookmarked them, thanks a bunch!

1 Like

The ‘big list of naughty strings’ I knew, but not the plugin. Thanks! Seems handy also to just quickly input valid data (I use Autofill to quickly fill in long forms that I encounter often, Bugmagnet seems usefull to just quickly generate a name or Lorem Ipsum text).

1 Like

I’m thinking of the context first. What are we talking about here?
What I know so far is that there’s a login screen:
Login = an act of logging in to a computer, database, or system.
Screen = a flat panel or area on an electronic device such as a television, computer, or smartphone, on which images and data are displayed.

There are different types of ‘‘login’’/authentication: logon, login, sign-in. Are they under the same discussion?
Do we just consider a fully virtual environment or a combination with real device, physical actions also? like eye or hand scan, badge or card, keyboard code buttons; interaction between multiple devices or platforms? have a token to login to bank account, have a key/badge and a code to start/stop the house alarm, IoT + other platform/device…
What about the device type used? pc, mobile, tablet, ioT, token, medical device, other kinds of hardware…
OS dependent or or is it built/linked to the device?
Login screen type?: pin, command line, text-field, dots, fingerprint-reader, signature…
Application type?: hosted, server, web app, mobile app.
Online or offline login?
The list of questions can get pretty big…and in my opinion these can be considered tests also.

2 Likes

A blog post I noticed in the MoT blogfeed today More tests for login forms

Regarding testing of field validations, we know that exploratory testing isn’t amenable to automation however it would easily be possible to create an automation framework containing the types of test data used in Bug Magnet, link it into (say) Selenium and fill various form fields with them to iteratively test for errors or some unexpected behaviour. When an error is found a further check could be made on test data of a specific category (i.e. names with accents, extreme or out of bounds numbers).

It wouldn’t take much effort to create it and I need a hobby anyway…

2 Likes

That would be quite the hobby :stuck_out_tongue_winking_eye:

1 Like

Haha @heather_reid it may not be too bad actually. I’ve done a few vaguely similar things quickly in the past -

The Aussie Data Feed for a fake test data creation library in Python called Mimesis (formerly Elizabeth)

A tool for creating fake customer data in Excel and an Excel spreadsheet with various fuzzed data fields already in it

1 Like

I retract my previous statement :grin: that’s quite impressive.

1 Like

Thanks! Very nice of you to say so. It’s not that impressive, just some stuff I did to prepare for a conference talk back in May.

Loved this little hobby idea @paulmaxwellwalters , it really got me thinking this evening. It works pretty good but I need to do a bit more work to it - you can view my rough and ready effort here https://github.com/vivrichards600/ValidationMonkey

1 Like

Hey Viv, I haven’t tried it but it looks really promising on the surface. I have forked it and want to get involved so if there is any way I can help on this project, please let me know!

1 Like

Please feel free to dig in and refactor/add functionality etc - the more the merrier :slight_smile:

1 Like

Testing of login page is vast task, we can add more scenarios as per experience in testing but most of the software testing services perform the below mentioned aspects:

Basic Aspects:

Input valid User-name & Password and click ‘Log-in’ or click ‘Enter’.
Input valid User-name & Invalid Password and vice-versa.
Input both invalid User-name and Password.
Add Valid User-name but leave Password blank and vice-versa.
Click ‘remember me’ field and log-in then log-out and refresh the page.

Deeper Aspect:

Add a valid User-name or Password preceded by one or more blank spaces.
Check the User-name as well as Password is case sensitive.
Check Password should be Asterisk symbols.
Check Log-in and Password accept Symbols (we should do testing with symbols)
Check for extra characters before and after the Valid User-name and Password.
Check for multiple log-ins with different accounts on same browsers.
Verify Login screen got locked for a user after particular set of unsuccessful tries.
Verify locked user account get reactivated after particular time.

Technical Aspects:

Check for Character input limit for both User-name and Password fields.
Try all scenarios for different browsers (Safari, Chrome, Firefox, Edge etc).
Check by Delay your actions while entering User-name and Password.
Try to manipulate URL and try to redirect the post Log-in page.

Others Aspects:

All elements are displaying correctly and should be functional.
The Error message should be correctly displayed while adding invalid User-name or Password.

Hope this information is useful and you can come to in case need more information.

2 Likes

Saw this today, could bring a new set of ideas

3 Likes

Sorry, necroing thread, as I’m testing a login screen now… One of the names I always like to use is that of the footballer Jan Vennegoor of Hesselink…

I think these ideas work well. We will try to implement them in our company.