
	Home > Software Quality Tips > Application Security Strategies > How to test Web site login security

Software Quality Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

APPLICATION SECURITY STRATEGIES

How to test Web site login security

Sandeep Kashyap
06.20.2007
Rating: -2.80- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

Security is a major aspect of any Web site. Before testing the functionality, first you need to check the login page, because the login page is the main entry for hackers to any Web site. It is the tester's responsibility to check whether the login page is properly secured or not.

The technique you can use to check the

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Application Security Strategies
	Fixing four Web 2.0 input validation security mistakes
	Social engineering training could disrupt botnet growth
	Web security problems: Five ways to stop login weaknesses
	Common mistakes in real-time Java programming
	Preparing for testing applications in the cloud
	The role of quality assurance (QA) pros in software security
	Common software security risks and oversights
	Using the Firefox Web Developer extension to find security flaws
	Web application security testing checklist
	How to develop secure applications

Software security testing and techniques

Fixing four Web 2.0 input validation security mistakes

Commonly-overlooked security flaws in rich Internet applications

Web security problems: Five ways to stop login weaknesses

10 steps to acing Web app security assessments

Hack maliciously to boost your software's security

Software Testing: How to know you're ready to start testing

Software security best practices: Roles developers must play

The role of quality assurance (QA) pros in software security

What is fuzz testing? What are some ways to use fuzz testing?

Software security: Removing insecurity from outsourced development

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

security of the login page is this:

Username: ' or 1=1--
Password: any

If you enter the script given, you can easily log in to the system if developer has not applied proper validation in the code. This technique is called SQL injection, and it means you are terminating the existing query using your script.

Rate this Tip
To rate tips, you must be a member of SearchSoftwareQuality.com. Register now to start rating these tips. Log in if you are already a member.
Submit a Tip

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Software Design & Testing - Project Management

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2006 - 2009, TechTarget \| Read our Privacy Policy