QA/PasswordManager
From MozillaWiki
< QA
Contents
Password Manager
Feature | Status | Lead Engineer | QA Lead | Status |
Password Manager | In Development | Chris Karlof | Kamil Jozwiak | OK |
Project Goal
Significantly increase adoption and engagement with the Firefox password manager while maintaining high levels of quality.
Password Doorhangers & Prompts
Remember Password | Update Password | Changing password when username missing |
---|---|---|
Test Cases
General
- ensure that usernames and passwords are not being auto filled while using "Private Browsing"
- ensure that the passwords are correctly being filled in when selecting a username that's in the password manager
- ensure if there's more than one saved password for a particular website, usernames & passwords are not auto filled
- ensure that selecting "Remember Password" correctly saves the username and password into the password manager
- ensure that you can use the same username multiple times on different websites without causing any collisions
- Collision Checks (ensure you have several accounts with the same username but different passwords)
- ensure that you can login into several accounts using the same username without any issues
- ensure that changing/updating the password on one account won't affect the other accounts that are using the same username
- ensure that removing one account won't affect the other accounts that are using the same username
- ensure that changing the "username" field to a user that's already saved for that particular website changes the "Remember Password" button to "Update Password"
- Collision Checks (ensure you have several accounts with the same username but different passwords)
- When changing the password on a page that doesn't provide a username (just password fields), ensure that you get prompted with a list of usernames that are currently being saved for that website (see the Changing password when username missing image above)
- Example: twitters change password page doesn't provide a username field that the password manager can use. If you have multiple users saved on twitter, you should get prompted with a list of those users and choose which one you would like to apply the new password to
- ensure that the password for the user that was selected is correctly saved in the password manager
- ensure that selecting "Cancel" doesn't save the password
- ensure that the username field under the password doorhanger is editable
- ensure that blank usernames are treated like regular usernames and can be saved into the password manager
- Quick note: This will most likely change down the road and make it impossible to save blank usernames. There's some known issues relating to blank usernames. (Example: changing the blank username to a valid username)
- ensure that the animation is smooth without any noticeable jank or other UI issues while dismissing the doorhanger
- ensure that fresh installs have an additional window underneath the doorhanger indicating that Passwords can be synced
- ensure selecting "Learn More" loads https://www.mozilla.org/en-US/firefox/sync/
- ensure that the message only appears 5 times before being automatically dismissed
- ensure pressing "x" dismisses the message and never re-appears again
Dismissing the password doorhanger
- dismissing the doorhanger using "Not Now"
- shouldn't save the current username/password
- doesn't place the website on the exceptions list
- should still display the "key" icon beside the URL
- should still allow users to save the password using the "key" icon beside the URL after being logged in
- dismissing the doorhanger using "X"
- shouldn't save the current username/password
- doesn't place the website on the exceptions list
- should still display the "key" icon beside the URL
- should still allow users to save the password using the "key" icon beside the URL after being logged in
- dismissing the doorhanger by clicking anywhere on the website
- shouldn't save the current username/password
- doesn't place the website on the exceptions list
- should still display the "key" icon beside the URL
- should still allow users to save the password using the "key" icon beside the URL after being logged in
- dismissing the doorhanger using "Never Remember Password for This Site"
- shouldn't save the current username/password
- should place the website under the exceptions list and never ask the user to remember the password again
- should remove the "key" icon beside the URL
Exceptions List under about:preferences#security
- ensure that selecting "Never Remember Password for This Site" correctly adds the site into the exception list
- ensure that sites that are being listed under the exception list are not prompting users to remember passwords when logging into sites
- ensure that selecting "Remove" correctly deletes the highlighted site from the exception list
- ensure that selecting "Remove All" correctly deletes all the entries under the exception list
- ensure that sites that are removed from the exception list prompt the user to save their passwords
- ensure when "Remember passwords for sites" is unselected, websites will not ask the user to save their passwords
- ensure when "Remember passwords for sites" is unselected, the "Exceptions..." button is grayed out and not clickable
- ensure selecting & unselecting "Remember passwords for sites" doesn't clear the previously created exception list
- ensure that selected entries are correctly being highlighted when going through the exception list
- ensure there's no spelling mistakes or other UI irregularities when clicking on "Exceptions..." button
Saved Passwords under about:preferences#security
- ensure that "Copy Username" is working when right clicking on a sites being listed
- ensure that "Copy Password" is working when right clicking on a sites being listed
- ensure if there's multiple websites selected, both "Copy Username" & "Copy Password" are grayed out and not selectable
- ensure that selecting "Remove" correctly deletes the highlighted site from the password manager
- ensure that if there's multiple websites selected, clicking "Remove" will correctly remove them (CTRL + Click & SHIFT + Click)
- ensure that selecting "Remove All" correctly deletes all the passwords in the password manager
- ensure that you're prompted with a confirmation warning before the passwords are removed
- ensure selecting "No" on the confirmation warning will not remove all the passwords
- ensure selecting "Yes" on the confirmation warning removes all the passwords in the password manager
- ensure that you're prompted with a confirmation warning before the passwords are removed
- ensure that the "Remove" & "Remove All" button are grayed out when there's no more passwords being listed
- ensure that sites that have been removed from the password manager don't auto fill in the passwords anymore
- ensure that "Show Passwords" correctly lists all the passwords that are being saved
- ensure that you're prompted with a confirmation warning before the passwords are shown
- ensure selecting "No" on the confirmation warning will not display the passwords
- ensure selecting "Yes" on the confirmation warning will display the passwords
- ensure that you're prompted with a confirmation warning before the passwords are shown
- ensure that the "Last Used" column is correctly being updated while logging into sites with the saved password
- ensure that the "Last Changed" column is correctly being updated when changing/updating the saved password
- ensure that "Search" is working correctly
- search for a few terms and ensure the correct results are being displayed
- ensure that clicking on the yellow "?" correctly opens a new tab and points the user to the "Security and passwords settings" KB under about:preferences#security
Store Passwords/Password Manager under about:permissions
- ensure that "Store Passwords" appear as "Block" for sites that are listed under the exception list
- ensure that changing the "Store Passwords" to "Allow" removes the site from the exception list
- ensure that each website is listing the correct number of passwords being saved
- ensure that the "Manage Passwords..." button is available if a password has been saved into the manager
- ensure that selecting "Manage Passwords..." correctly lists the saved passwords for the current website
- ensure that the correct website is being populated into the "Search" field when selecting "Manage Passwords..."
- ensure that removing entries using about:permissions also removes them from about:preferences#security
Community Engagement
One and Done
One and Done Here gives users a wide variety of ways to contribute to Mozilla. The following is a list of tasks related to the password manager that the community can get started with:
QA Contact Information
If you have any questions or issues relating to the Password Manager, you can contact me via the following methods:
Internet Relay Chat (IRC): [Quickest Response]
- Nick: kjozwiak
- Channels: #qa #passwords
- IRC Setup: https://wiki.mozilla.org/IRC
Email: [Slowest Response]
- kjozwiak [at] mozilla.com
- kamiljoz [at] gmail.com