Already have a database? If so, use forms authentication and ASP.NET membership , as everyone says. It is very easy to integrate into your current database (assuming it's a sql server - I don't know about others). I understand that adding a database for 2 or 3 users is not always an option because of the budget or something else, so you can use forms authentication and store the user in the web.config file. I have done this in the past, and it is very simple.
Your web.config will look like this:
<authentication mode="Forms"> <forms loginUrl="Login.aspx"> <credentials passwordFormat="Clear"> <user name="myUser" password="password" /> </credentials> </forms> </authentication>
Then you can use the built-in input controls. If you do, you need to implement the Autenticate event.
protected void Login1_Authenticate(object sender, System.Web.UI.WebControls.AuthenticateEventArgs e) { string UserName = Login1.UserName; string Password = Login1.Password; if (FormsAuthentication.Authenticate(UserName, Password)) { e.Authenticated = true; } else { e.Authenticated = false; } }
Of course, this is not the safest way to do this, and you probably want to at least look at credential encryption in web.config, but it just works when the database is not an option.