Home > Software Quality Tips > Application Security Strategies > How to test Web site login security
Software Quality Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

APPLICATION SECURITY STRATEGIES

How to test Web site login security


Sandeep Kashyap
06.20.2007
Rating: -2.78- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Security is a major aspect of any Web site. Before testing the functionality, first you need to check the login page, because the login page is the main entry for hackers to any Web site. It is the tester's responsibility to check whether the login page is properly secured or not.

The technique you can use to check the security of the login page is this:

Usernam...


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Application Security Strategies
Rich Internet applications security testing checklist
The lowdown on PCI compliance
Web 2.0 application security troubleshooting, testing tutorial
Expert resolves issues plaguing OpenSTA users
Fixing four Web 2.0 input validation security mistakes
Social engineering training could disrupt botnet growth
Web security problems: Five ways to stop login weaknesses
Preparing for testing applications in the cloud
The role of quality assurance (QA) pros in software security
Common software security risks and oversights

Software security testing and techniques
Web application security best practices: Tips on implementation
Testing strategies for complex environments
How to make your software tamperproof
Ways to approach application performance testing on a tight budget
How can I tell if my software security has been breached?
Is online application testing for smartphones different from other software testing?
Software testers facing six big challenges today, StarWest keynoter says
Lesser-known free software testing tools testers should try
Is manually testing a software project for flaws too risky?
Affordable automated testing tools for securing websites

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


e: ' or 1=1--
Password: any

If you enter the script given, you can easily log in to the system if developer has not applied proper validation in the code. This technique is called SQL injection, and it means you are terminating the existing query using your script.


Rate this Tip
To rate tips, you must be a member of SearchSoftwareQuality.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Software Design & Testing - Project Management
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts