Does UserId data type affect FormsAuthentication.SetAuthCookie(UserId.ToString(), false)?

Does the original data type of the username string in a call to FormsAuthentication.SetAuthCookie(...) make any difference with regards to security or code maintainability?

As I understand it, the cookie is encrypted and used to identify a user on each request. I'm curious whether it should affect the design of the primary key on my Users table in my database, eg. Guid开发者_如何转开发 vs int or a unique username string.

FormsAuthentication.SetAuthCookie has no knowledge of your key. It expects a Username, which is the lingua franca for most all interop between the ASP.Net providers.

So, No, your key could be a 10mb blob and you would still pass the Username, which is typically a human readable string, to FormsAuthentication.SetAuthCookie.

What I am getting at is that the UserId is not stored in the auth ticket so the data type or size of the UserId has no effect on the auth ticket cookie.