Testing for authentication
Authentication (Greek: αυθεντικός = real or genuine, from 'authentes' = author ) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. Authenticating an object may mean confirming its provenance, whereas authenticating a person often consists of verifying their identity. Authentication depends upon one or more authentication factors. In computer security, authentication is the process of attempting to verify the digital identity of the sender of a communication such as a request to log in. Testing the authentication schema means to understand how the authentication process of the application works and try to break it.
4.4.1 Default or guessable (dictionary)user account
First we test if there are some default user accounts or guessable username/password (dictionary testing)
4.4.2 Brute Force
Then we can begin a brute force testing (not easy to implement cause time limit and lockuot of user)
4.4.3 Bypassing authentication schema
Maybe in passive mode, when the tester study the authentication schema, he should notice that not all the application's private resources are adequately protected and you can access it without authenticate yourself.
4.4.4 Directory traversal/file include
Directory Traversal Testing is a particular method to find a way to bypass the application and access to resources: tipically this are misconfiguration errors.
4.4.5 Vulnerable remember password and pwd reset
Here we test how the application manage the process of "password forgotten". We also check whether the application allows the user to store the password in the browser ("remember password" function).
4.4.6 Logout and Browser Cache Management Testing
As final test we check that the logout and cahing functions are properly implemented.
OWASP Testing Guide v2
Here is the OWASP Testing Guide v2 Table of Contents