Is *not* using the asp.net membership provider a bad idea?

Posted by EJB on Stack Overflow See other posts from Stack Overflow or by EJB
Published on 2010-06-03T19:18:39Z Indexed on 2010/06/03 19:34 UTC
Read the original article Hit count: 244

Is it generally a really bad idea to not use the built-in asp.net membership provider?

I've always rolled my own for my asp.net apps (public facing), and really have not had any problems in doing so. It works, and seems to avoid a layer of complexity. My needs are pretty basic: once setup, the user must use email address and password to login, if they forget it, it will be emailed back to them (a new one). After setup there is little that needs to be done to each user account, but I do need to store several extra fields with each user (full name, telephone and a few other fields etc). The number of users that required login credentials are small (usually just the administrator and a few backups), and everyone else uses the site unauthenticated.

What are the big advantages that I might be missing out on by skipping the asp.net membership provider functionality?

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about security