Verify Sensitive User Data Is Not Transmitted or Stored in Plain Text

Verify no sensitive data is transmitted or stored in plaintext

Test case designer: name
Date of creation : 02.07.2025

Test case description

Ensure sensitive data (passwords, session tokens) are not exposed in plaintext.

Pre-state:

User account exists

Test Steps

Open the browser’s developer tools (Network tab).
Navigate to the Login page and attempt login with valid developer credentials.
Monitor the request payload to confirm:

Data is transmitted over HTTPS.
Password is not logged or exposed in console logs.

Check local storage and cookies for stored data.

Expected result

No sensitive data (passwords, session tokens) are transmitted or stored in plaintext.
All communication is encrypted.

Edited Jul 09, 2025 by AH0981