Security has become a significant aspect of modern software products. That is why security testing is included in almost every web site testing, desktop testing and mobile application testing.

One may start checking security level from the user registration and authorization procedure. Combination of username and password is one of the oldest ways of user identification and data protection, and it remains widely used and efficient.

Testing of User Registration and Authorization Procedure Should Include Checking:

• of e-mail validation procedure;
• if a user with valid username and password can login;
• if a user with incorrect username/password can login and how the system handles such cases;
• how many users can login in the system simultaneously;
• how much time it takes to login in the system when a time-consuming operation is being performed at the same time;
• whether restrictions to data access for different users work as intended;
• whether it is possible to perform various restricted actions.

A software testing company usually checks user login procedure from the back-end perspective as well. Testers verify if privilege and hierarchy rules work properly while accessing database tables. Some of these works can be executed manually; those that can be automated are performed with the help of automated testing tools.