Implementing OpenID in ASP.net “Properly” – Membership or Authentication Provider?
There are several ways to use OpenID on ASP.net sites, but none of them seem to use the existing mechanism of Membership and Authentication Providers.
authentication
Basic authentication in ASP.NET MVC 5
What steps must be done to implement basic authentication in ASP.NET MVC 5?
Differences in forms auth timeout and session timeout
The session state timeout is set using this web.config element
How to set Azure Authentication custom login return url?
I followed this article https://azure.microsoft.com/en-us/blog/announcing-app-service-authentication-authorization/ to set up Azure authentication for my MVC app. First I turned on Azure AD provider. In the Authentication / Authorization settings, I selected “Allow request(no Action)” for “Action to take when request is not authenticated” because I only need users to login for certain controller actions.
Dotnet core 2.0 authentication multiple schemas identity cookies and jwt
In dotnet core 1.1 asp, I was able to configure and use identity middleware followed by jwt middleware by doing the following:
Client Authentication via X509 Certificates in asp.net
I have an asp.net application and I need to authenticate users using X509 certificates. That is, the user must install a certificate issued by me so that he can browse my website and I can identify which user is, by this certificate.
Logout User From all Browser When Password is changed
I have a Reset Password page: 
How do you handle ajax requests when user is not authenticated?
How do you handle ajax requests when user is not authenticated?
Multiple/Different authentication settings in web.config
How would I go about setting different authentication tags for different parts of my web app? Say I have:
Is encrypting session id (or other authenticate value) in cookie useful at all?
In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption.