Boundary Value

What is the min amd Max length of password

Questions by kumsan060   answers by kumsan060

Showing Answers 1 - 13 of 13 Answers

Instead of checking each and every possible value we check the boundary values only.
For eg, if the login id has to accept only 6 to 11 alphabets only.
Then we check this instance by applying the values like
                                         6-1=5 alphabets --- it should fail
                                               7-----------  pass
ie.  min-1,max+1 should fail ,middle of the values should pass. this is boundary value analysis(BVA)


  • Jul 4th, 2008

Testing application with some boundary values


Before the value

Beyound the Value

 there are three types of inputs for an module


Entering the values before the current and correct value

accurate input value

beyound the value 


Boundary Values for any field should be consider with

Minimum value -1, Minimum value, Minimum value +1,
Middle value,
Maxmium value -1, Maxmium value, Maxmium value +1

so for your questions - password field, if the mimimum value is 4 and max is 10,
then the parameters are

3,4,5 - for Minimum value
7 - for middle value
9,10,11 - for Maxmium value

Please suggest me if I am wrong

Hi Kumsan060,

I think there is no particular number fixed for Max And Min length password,It depends upon the User perspective using the product We can fix that number, To test this type of fields there is a tool called "TestersDesk" Normally We can test  the Boundary Value For one instance at one time But the Specialization of this tool is We can test the Several instances at single time


  Was this answer useful?  Yes

It is nothing but testing the input at the bounded input of the test condition

i.e if we want to test of 4 to 9 means the test data should be 3,4,9,10

  Was this answer useful?  Yes

This should be in the [Design] Specs - but it may be the case that the Password may also be case-sensitive, and/or need a number(s) too - for example "Password" would be allowed but "password" wouldn't - or the the password may need to be "Password10" etc.
I'd also recommend not having a password of "Password", case sensitive or not! Indeed, these types of words may be barred.
Apologies as I realise my answer comes out of the boundaries (no pun intended) of Boundary Value, but I thought it may be of some use / get some fellow testing brains thinking :)

  Was this answer useful?  Yes


  • Sep 4th, 2009

Generally standard length of the password field is:
Min-  6 characters
Max-  12 characters

So if we consider this as password field limit then we apply boundary value like this:

min-1, min, max, max+1

i.e. we will test password containing 5, 6, 12,13 characters.

  Was this answer useful?  Yes

Boundary value - The boundary value is decided by the user. We will test as per our requirements. 
If the user gives the requirement from 3-5 means we have to test for valid n invalid testing i.e giving +1 or -1 values. 
Normally the boundary values comes under the following issues.
1. Upper boundary value(+1)
Lower boundary value(-1)
3. On boundary value(3-5)

  Was this answer useful?  Yes

The minimum and maximum length of a password is defined in the application's business requirements or technical specifications.  It is generally 6 to 12 characters in length.  To test its boundaries, you would

1) Enter lower limit -1 character
2) Enter number of characters equal to its lower limit
3) Enter lower limit +1 character
4) Enter higher limit -1 character
5) Enter number of characters equal to its higher limit
6) Enter higher limit +1 character

Tests 1 and 6 should fail
Test 2 through 5 should pass

  Was this answer useful?  Yes

Min and Max length of Password is as per the functional spec/SRS. But ideally it is 6 to 18.

Testing at boundary values is called Boundary Valuec Analysis. Testing has to be done for Values at 6, 6-1, 6+1, 18-1, 18, 18+1.

We will have to test for Password with 6 characters, and 18 characters, and later test for 5, 19. We will not do the testing for values at 7, 17 as thsi would have been covered in fubnctional testing.

Why is BVA needed?
There is every possible chance that develeoper may do a mistake at the boundary value. he may code as if>6 and <18. this does not include 6 and 18.or he may also code for POP up/error messages, if not between 6and 18.

  Was this answer useful?  Yes

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.


Related Answered Questions


Related Open Questions