Answered Questions

  • Security testing

    Let's take an example of Login Page,can you tell me any one how we can do security testing for login page?


    • Oct 28th, 2009

    1. Make sure the login is done via https request (even if afterwards you don't need to get to any secured area)2. Make all kinds of login validations (incorrect/empty password/username, correct+several characters and trailing spaces etc.)3. Perform SQL Injection test on the login form


    • Aug 15th, 2007

    1. If you are testing for security on login page, so make sure its not displaying the password, password should be encrypted.2. If you enter invalid password it should not accepted.3. If you log out from page and press back button on standard tool bar it should not display your login page.