Mary had a little lamb heuristic.

[Ajay Balamurugadas]

Analyze this statement:

- A user can retrieve the password by clicking on "Forgt Password" link.

[Swathi Reddy]

Swathi vangala

[A.Arokya Samy]

Arokya Samy
Forget password:
1. What is the procedure to generate the password?
2.do we have any security question?
3.do we have any captcha used??
4.do we use any token?
5.how long the token is active?
6.are we getting any one time password??
7.usage of password strength and character

[Swathi Reddy]

Mary is the name

Marry having a little lamb

On Wednesday, January 14, 2015 at 6:29:02 AM UTC+5:30, Swathi Reddy wrote:On Wednesday, January 14, 2015 at 6:25:29 AM UTC+5:30, Ajay BalamurugadMa

[aryar...@gmail.com]

On Wednesday, January 14, 2015 at 6:25:29 AM UTC+5:30, Ajay Balamurugadas wrote:

Analyze this statement:

Arya 

- A user can retrieve the password by clicking on "Forgt Password" link.

 

 

1. Multiple users  allowed to retrieve password?

2.Username should be entered correctly to retrieve the forgot password?

3.Redirected to some site when the link clicked?

4.User can  retrieve password only based on some previous mail ids or hint answers he provided at the time of account creation??

 

[vinod komeershetty]

#1 one way of retrieving password is by clicking on forgot password link
#2 as soon you click link password is retrieved
#3 there is some method other than #2 by which we can get pwd

[Sathish Kumar]

On Wednesday, January 14, 2015 at 6:25:29 AM UTC+5:30, Ajay Balamurugadas wrote:

Analyze this statement:

- A user can retrieve the password by clicking on "Forgt Password" link.

1.Who is the user?
2.how can he/she request for "Forgot password" link
3.In which mode they get "forgot password" link, through email/sms?
4.Can user retrieve the password using same mail again and again?
5. what will be displayed, if we click on forgot password link?
7.how long this link will be active or usable?

[Sumana N]

Sumana

1.When user clicks on forgot password link. Is it redirecting to recovery password link page.

    2.After clicking on that link, it should ask for an email id.

3. It must accept a valid email id.

4.After user enters valid email id, check does the link has been sent to his registered mail id.

5 .Is the user able to change to new password or not?

6.After submiting new password, try to login with it.

[Maddi Koteswara Rao]

@ Koti comments on the statement ..
Statement given "A user can retrieve the password by clicking on "Forgt Password" link"
1. Upon clicking on "Forgot password" link make sure user will prompt to enter the below / select the values
a) Security Question
b) Security Answer
c) Captcha related
d) kind of agreement checkbox.
2. Password should come in encrypted format / kind of link to the user's email id upon clicking forgot password.
3. Make sure we are trying to click on the forgot password link in all supported and scoped in browsers .
4. Upon clicking on the link he should be able to reset the password.

[shareef mughni]

1. check if the fgt pwd flow is working correctly for a valid user

2. check for invalid user

On Wednesday, 14 January 2015 06:25:29 UTC+5:30, Ajay Balamurugadas wrote:

[Ashwin Kumar]

1. Is it only one one user do it at a time or how many number of users can retrieve the password at the same time

2. Is it only the users can retrieve the password or even admins can retrieve the passord the same way

3. Is it only clicking or hovering or tabbbing

4. Can only passwords be retrieved or or all the other users details can be retrieved

5. Can the details be retrieved only by clickg the "Forget Password" link or any other link is available  

[A.Arokya Samy]

Arokya Samy
Forget password

Who is the user?
What is the medium?(browser, windows application, mobile apps etc)
When the user can reset the password?
What he can do?
Why he can do?
How he can reset?
What happen before and after he did forget password??

[Sumana N]

Sumana

Who is the user

Who is a valid user

Who is an invalid user

can multiple users retrieve the link.

can user retrieve the password upon clicking it.

How many attempts the link can accept.

[pradeep ramesh]

when can a user retrieve password ?
why shoud a user click on forgot password ?
how many times a user can retrieve a password ?

On Wednesday, January 14, 2015 at 6:25:29 AM UTC+5:30, Ajay Balamurugadas wrote:

[ARYA RS]

A user can retrieve the password by clicking on "Forgt Password" link Heuristic: 

1.Who is the user

2.Why one user

3.Any specific user?

 

4.Only users can retrieve

5.Non users allowed to retrieve

 

6.Any condition when he cannot

7.Retrieve done in one step?

8.What format retrieved?

 

9.Single or double click?

10.Forgt password and why not forget password?

11.Why link and not button

 

 

[shishir malewar]

who is the user?
why should the user?
when should the user?
how many user?

[Anil Kumar]

Anil:

1. What happened if the user clicks multiple times of the Forgot Password link

2. Whether user will be received that Password recovery mail to his primary and secondary accounts or not ?

3. What can be the expiry time for the received password recovery mail ?

4. Whether in the user received mail content will have only URL or specific code for the password change ?

5. What happened if a user try to change the password through password recovery mail after expiry time

On Wednesday, 14 January 2015 06:25:29 UTC+5:30, Ajay Balamurugadas wrote:

[Bala Swaminathan]

My analysis:

Defect:Forgot password  spelling is incorrect 

Test scenarios:

1) how many times a user can use forgot password link in a day

2) what information should we provide in order to get the password reset.

3) what happens when we click forgot password link 

    A) I may answer security question and may be able to reset the password right there

    B) I may get a security or one time code with which I can reset my password 

    C) I may get an email about the info I need to reset the password. 

4) what if the user id is not in the db 

5) time taken from clicking the forgot password link and resetting the password 

--
You received this message because you are subscribed to the Google Groups "AjSoftwareTestingskills" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ajsoftwaretesting...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
Regards,

Bala S

[Jayasree Mullapudi]

1. Spelling for forget is wrong

2. Without entering email/password in the fields and clicking on Forget password link wat happens?

3. Entering the details and clicking on Forget password link wat happens?

      a. how many attempts for password?

      b. How long the reset password link be accessbile?

      c. Wat happens if user click after expiring the reset password link?

      d. If user clicks on Forget password link for multiple times and reset link is send for multiple times which one is valid?

[Amruth Vasu]

Amruth

On Wednesday, January 14, 2015 at 6:25:29 AM UTC+5:30, Ajay Balamurugadas wrote:

Analyze this statement:

- A user can retrieve the password by clicking on "Forgt Password" link.

As a tester while analysing the above statement there is a spelling mistake in "Forgt Password" link 

1). Whats the user name or user ID??

2).  Mode of retrieving the password or to change the password (SMS/Email)

3). Any Security question/answers required?

4). Captcha?

5). Mode of network like Edge, 3G, LTE?