Test Case For Login Page Positive And Negative

How To Articles

Today, I want to share with you my experiences and insights on creating test cases for a login page. As a software tester, I’ve had the opportunity to extensively work on login functionality and identify both positive and negative test scenarios. In this article, I will delve deep into the intricacies of testing a login page, including various positive and negative test cases.

Positive Test Cases

Let’s start with the positive test cases, which are designed to ensure that the login functionality is working as expected when valid and correct inputs are provided.

1. Valid Credentials

The most basic positive test case is to verify that a user can successfully log in using valid credentials. In this scenario, we enter a correct username and password and check if the system allows access to the user’s account.

2. Password Case Insensitivity

Some login systems are case insensitive when it comes to passwords. To test this, we can enter a password in different case variations (e.g., “Password”, “password”, “PASSWORD”) and check if the system treats them all as the same password.

3. Remember Me Functionality

Remember Me functionality allows users to stay logged in even after closing the browser. To test this, we can log in with Remember Me enabled and then close the browser. Upon reopening the browser, we check if the user is still logged in without having to re-enter their credentials.

Negative Test Cases

Now, let’s explore the negative test cases, which aim to uncover any vulnerabilities or bugs in the login functionality. These cases simulate situations where the user provides invalid or incorrect inputs.

1. Incorrect Username/Password

This test case focuses on verifying how the system handles incorrect login credentials. We enter an incorrect username and/or password and check if the system displays the appropriate error message.

2. Account Lockout

Many systems implement a lockout mechanism to prevent brute-force attacks. In this test case, we enter incorrect credentials multiple times and check if the account gets locked after a certain number of failed attempts.

3. Cross-Site Scripting (XSS) Attacks

XSS attacks can occur when user input is not properly sanitized. In this test case, we enter malicious scripts as the username or password and check if the system detects and blocks them.


Creating comprehensive test cases for login pages is crucial to ensure the security and reliability of an application. Positive test cases help validate that the login functionality works as expected with valid inputs, while negative test cases uncover potential vulnerabilities and weaknesses. By conducting thorough testing, we can enhance the user experience and protect user data from unauthorized access.

Remember, it’s essential to constantly update and review test cases as the application evolves. By staying proactive in our approach to testing, we can ensure a robust and secure login page for our users.