Authentication is mandatory process if you want to make your application more secure in ASP.NET. ASP.NET provides different Authentication providers so that authentication can be more easier. Forms based authentication is the famous one & it is being used more than any other authentication mode. For Forms Authentication we create a login form with the logic so that a user can be validated and Dot Net can create cookie on successful validation, which the application will check for on each client request.

Let’s configure web.config file for Forms Authentication.

If you want to deny access to unspecified or anonymous users, configure the Authorization section of web.config as follows: -

We can use login credentials in web.config file & authenticate against them using the Authenticate() method of the FormsAuthentication provider.