Test Case for FEA102
| Test Case description | Strong password policies, encrypted communication, authentication methods and session security |
| Test Case ID | TESTCASE102 |
| Author/Designer | Rasmus Vasara |
| Date of creation | 12.2.2024 |
| Class | functional/non-functional/acceptance |
Test description / objective
This test case should prove that passwords have strong and secure policies, accounts can be locked after suspicious activity, Multi-Factor Authentication (MFA) is implemented and works and the site is running on HTTPS protocol.
Links to requirements or other sources
Test pre-state * Login / Account creation page
Test steps
- Create a new account
- Try different combination of insufficient passwords while creating new account
- Sign in with new account
- Sign in using Multi-Factor Authentication
- Is the site running on HTTPS?
- Try signing in with wrong password multiple times
Test end-state
- New account is created with a strong password
To be taken into account during test
- Check error messages when doing wrong actions (Signing in with empty username/password or wrong inputs, leave fields empty when creating new account)
Test result (Pass/Fail Criteria)
-
PASS condition: Strong password is required when creating account, entering wrong credentials multiple times locks account, MFA is implemented and works, site is running HTTPS protocol.
-
FAIL condition: Above criteria are not fulfilled