CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, is a security measure commonly used on websites to prevent bots from accessing or manipulating the website. With the increasing threat of automated attacks, it is imperative that CAPTCHA systems are thoroughly tested to ensure they function as intended. Novatesting would like to outline various test cases that should be considered while testing CAPTCHA to ensure its robustness and effectiveness in preventing unwanted access.

TC#1Test the slow authentication image on the Internet. An error message for invalid captcha will not be displayed.
TC#2Test the wait time for the Captcha. The time during which the authentication image is selected.
TC#3Verify a new captcha is created in case the user adds a wrong captcha.
TC#4Verify an appropriate error message is displayed in case the user doesn’t fill in the verification image correctly.
TC#5Verify an error message is displayed in case the user doesn’t fill in the verification image.
TC#6Verify an error message is displayed in case the user partially fills in the verification image.
TC#7Verify an error message is displayed when the page times out waiting for the verification image.
TC#8Verify if the audio option is added to the verification image as requested.
TC#9Verify if the authentication image is displayed on the ad-blocker.
TC#10Verify if the captcha works on adblocker or not.
TC#11Verify if the website accepts valid authentication images.
TC#12Verify that a new authentication image will be displayed every time the page is reloaded.
TC#13Verify that the added captcha is appropriate.
TC#14Verify that the authentication image is required on the requested website.
TC#15Verify that the user can request a new authentication image without having to reload the page option.
TC#16Verify that the user’s IP is blocked when attempting to enter invalid authentication image after a certain number of attempts (may be blocked for a certain time).
TC#17Verify the authentication image and click the submit button twice. An error message for invalid authentication image will not be displayed.
TC#18Verify the time period during which the authentication image is uploaded on the website.

We now tends to use Google’s ReCaptcha and some self-coded ones for Captcha, which can be in the form of Image, Text, or Audio. The method of testing also depends on the form that we are using.

Leave a Reply

Your email address will not be published. Required fields are marked *