Handling FormsAuthentication Events
You can choose to handle the FormsAuthentication_OnAuthenticate event in order to do all cookie management in whatever way you want. Although in many applications you might want to take advantage of the .NET Framework support to manage this for you, some applications might have specific requirements, such as storing credentials in the cookies. These applications should handle the FormsAuthentication_OnAuthenticate event to perform cookie management in whatever way desired.
See Also
ASP.NET Web Application Security | Forms Authentication Provider