ASP.NET Forms Authentication considered broken | Dark Hacker News