One of the most useful and perhaps most misunderstood authentication schemes built in to the ASP.NET runtime is Forms Authentication. Useful, because it is highly extensible and flexible (as we'll see in a moment). Misunderstood, because most developers don't get past the default setup described in the documentation and therefore never find out how to extend and customize it.
Disclaimer The opinions expressed herein are my own personal opinions.