Keys to testing 2-factor authentication

End-to-End Tests Mar 04, 2020

Modern security-conscious applications often use 2-factor authentication as a default way of logging in. It's more secure and increasingly easy to implement.

At the same time, this login solution is one of the least tested features and most difficult to automate. Your login, whatever approach you take, is one of your most important test cases.

So why is it so rarely automated?

It is incredibly difficult to automate testing of 2-factor app. As we noted in prior posts, the Selenium code itself is like an assembly language for automation. On top of that, you need to code the interaction with Twilio yourself and process all the corner cases yourself (or deal with even more flakiness).

And that distracts you from the goal of test automation: making sure the functionality actually works.

Think about it. Is your job to write more test automation code or make sure that your system functions correctly?

What if you could save half of the day on creating your tests by using just plain English to quickly & easily cover these types of test cases?

click "Sign in"
enter "user" into "Username"
enter "password123" into "Password"
click "Verify me"
check that sms to "+12345678902" is delivered and matches regex "Code\:\d\d\d\d" and save it as "sms"
extract value by regex "(?<=Code\:)[0-9]{4}" from "sms" and save it as "confirmationCode"
enter saved value "confirmationCode" into "code"
click "Continue to Login"
check that page contains text "Welcome, Peter!"

This above is the code for how you can express sequence to test your 2-factor authentication test case in testRigor. That's it!

Compare it with 5 pages of Selenium or Appium code to do the same!

If you would like to try it out we have a one month free trial version available!

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.