Security is a major aspect of any Web site. Before testing the functionality, first you need to check the login...
page, because the login page is the main entry for hackers to any Web site. It is the tester's responsibility to check whether the login page is properly secured or not.
The technique you can use to check the security of the login page is this:
Username: ' or 1=1--
If you enter the script given, you can easily log in to the system if developer has not applied proper validation in the code. This technique is called SQL injection, and it means you are terminating the existing query using your script.