You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.

You are here: Browser/Composer front-end QA > front-end test plans > Password Manager Test Plan

Test Plan for Password Manager

Maintained by: <Terri Preston>

Overview

The Password Manager allows the user to automatically prefill the username and password fields. This feature helps avoid the repetitive task of entering such login information every time you visit such websites as an eCommerce site. The password manager allows you to keep username and password information for sites that the user would like remembered. The password manager can be accessed either through the preferences drop down list or the tasks drop down list.

Will Test

Testing should cover the areas below. However, please note the exceptions under the Will Not Test section.

Look and feel: visual consistency within the Mozilla browser and Netscape 6.0 Navigator product. Also, cross-platform consistency (with the exception of certain platform-specific add-ons).
Style, spelling, grammar, etc.
Password Manager functionality within the browser.

Will Not Test

The following areas will not be covered. Please refer to the appropriate test plan for further information.

Use of the Master Password. This is part of the Personal Security Manager (PSM).
Use of encryption for data protection. This is also part of PSM.
Use of the Password Manager within mail.
Different sites use different names for their fields.
The Cookie Manager.
The Image Manager.

Major Issues & Bug Information

Here are some relevant Bugzilla links. Bugs in the Password Manager feature belong in the Single Signon component, whereas bugs in Form Manager belong in Autofill.

Password Manager bug queries

Bugs currently open (Unconfirmed, New, Assigned or Reopened) under Password Manager, sorted by severity.
Bugs currently Resolved Fixed (but not yet verified by QA) under Password Manager , sorted by severity.
Bugs currently Resolved as Duplicate, Works For Me, Invalid or Won't Fix under Password Manager, sorted by severity.

Test Coverage

Coverage for Password Manager:

Activating Password manager.
- First time you authenticate: The first time (first session for a new profile, or a new build) you submit a username/password (aka, signon info), you are informed of the privacy features (aka, the "blue box" dialog) and then asked if you would like to use it ( confirmation dialog to save/ignore/never save).
- Activate/disable through Preferences: Turning on the pref allows you to automatically remember saved signon info, as well as ask you to save signon info. Disabling should prevent prefilling of signon info (at sites where it was saved), as well as prevent Password Manager from asking you to save.
When the Password Manager is activated to save signon info.
- Web-based forms, where there are username and password input fields (and a submit button) on the page itself.
- HTTP authentication (eg, when htaccess is used), where a dialog appears asking for username and password info.
- If time allows. FTP authentication.
- Confirmation dialog: In addition to saying Yes to save singon info, there is also two ways to refuse:
  - No: Signon info is neither save nor remembered --this is analogous to hitting the Cancel button in a common dialog.
  - Never for this site: Signon info is not saved, but the site at which you decline this is remembered.
Using saved signon info.
- Test with just one signon already saved at a given site.
- Test using multiple signons at the same site.
- Test using the same username, but different password, at the same site. Useful for when you decide to change your password at a given site.
Viewing and deleting signon info is done through the Stored Passwords dialog. Can be accessed from the Preferences, as well as the menubar ( Tasks > Privacy and Security > Password Manager > View Stored Passwords).
- Passwords Saved tab (where you selected Yes to save signon info)
  - Verify that signon info (site and username) is displayed.
  - Test deletion of signon info.
- Passwords Never Saved tab (where you selected Never for this site)
  - Verify that site info is displayed.
  - Test deletion of site info.
Clear Sensitive Information should remove both signon information and form data information (found under Tasks > Privacy and Security > Password Manager > Clear Sensitive Information). After selecting this item, you should be presented with a confirmation dialog to remove such information.
Ad-hoc testing
- Common sites (E*Trade, Amazon, eBay, etc.)

References

UI and/or Functional Specifications (content might be rather ancient):

PRD: http://client.mcom.com/seamonkey/prd/walletprd.htm An internal Netscape link to Kevin Yen's marketing documents detailing what wallet is and why people want it.
Engineering Specifications: http://webgroup.mcom.com /xpnav/ An internal Netscape link to Steve Morse's engineering spec on how wallet works.

Note that both of these documents are limited to internal eyes for the time being.

Mozilla