Tip

How to test Web site login security

Input validation is critical for the security of Web sites. Here's a techniques you can use to make sure your site isn't vulnerable to SQL injection.

Sandeep Kashyap

Published: 20 Jun 2007

Security is a major aspect of any Web site. Before testing the functionality, first you need to check the login page, because the login page is the main entry for hackers to any Web site. It is the tester's responsibility to check whether the login page is properly secured or not.

The technique you can use to check the security of the login page is this:

Username: ' or 1=1--
Password: any

If you enter the script given, you can easily log in to the system if developer has not applied proper validation in the code. This technique is called SQL injection, and it means you are terminating the existing query using your script.

Dig Deeper on Software testing tools and techniques

anonymous FTP (File Transfer Protocol)

By: Rahul Awati
Lego site vulnerabilities highlight API security gaps

By: Beth Pariseau
Cisco Talos techniques uncover ransomware sites on dark web

By: Alexander Culafi
proxy hacking

By: Gavin Wright

Dig Deeper on Software testing tools and techniques

anonymous FTP (File Transfer Protocol)

Lego site vulnerabilities highlight API security gaps

Cisco Talos techniques uncover ransomware sites on dark web

proxy hacking