The card below is the “product under test”. Use guided mode to see the bug list upfront, or blind mode to find them yourself first.
Techniques: Metrics & reporting, Coverage-based testing
Test plan: User registration feature
Requirements
- User can register with email + password
- Email must be unique
- Password must be at least 8 characters
- Confirmation email sent on registration
- User cannot log in until email is confirmed
- Account locked after 5 failed login attempts
Test cases
- TC-01: Register with valid email and password → success
- TC-02: Register with duplicate email → error shown
- TC-03: Register with 8-character password → success
- TC-04: Log in with confirmed account → success
Your findings
0 / 0 bugs foundTick each bug as you confirm it on the page above. Progress saves automatically.
Write down every bug you find. Be specific — where it is, what’s wrong, what it should be.
Planted bugs (5)
- REQ-5: 'User cannot log in until email is confirmed' has no corresponding test case. This is a significant gap — unconfirmed login is a security risk.
- REQ-6: 'Account locked after 5 failed login attempts' has no test case. Brute-force protection is untested.
- REQ-4: 'Confirmation email sent' has no test case. TC-04 tests login after confirmation but doesn't verify the email was actually sent.
- TC-03 tests the boundary with an 8-character password (passing case) but there's no test for a 7-character password (the failing case). Both boundary values must be tested.
- The test plan has only happy path and one negative (duplicate email). Missing: empty submission, invalid email format, SQL injection, very long inputs.
Coverage gap analysis: map each requirement to at least one test case (positive) and one negative case. Flag any requirement with zero tests as an explicit gap.