When you have built or modified your application definitions, it is recommended that you test each supported application or the Web page for the following scenarios:
Entering a correct username or password.
Entering an incorrect username or password.
Cancelling a login by the user.
Exceeding maximum password retries.
A user changing his or her own password.
Attempting to change to an illegal password.
This illegal password action is relevant when you define a password policy and you try to define a password that does not match the policy.
An administrator cancelling a password change.
An administrator changing a user password.
Expiry of user password.
Locking out the account.
Locking out someone from the account.