whats are the major disadvantages of using Membership API?

Whats are the major disadvantages of using Membership API? And when sho开发者_如何学Culd i consider relying on using manual coding?

NEVER write your own code for anything to do with security. This includes authentication/membership.

Writing your own authentication system is deceptively easy: the basic functionally is simple to write and test. However, the problem here is designing the process to be secure. Because it's easy to do, it's also very easy to build something that only seems to work — it passes all your tests, allows those it's supposed to and does not allow those it isn't, and so you deploy your system. Then along comes a hacker and finds that little flaw in your design. A year later you finally find out you've been cracked.

The thing about the membership API is that it's extensible. If there's not an out-of-the-box provider that does what you need you can extend one without having to start from scratch, so it would be pretty exception circumstances indeed that prevent you from using it.

This principle applies not only to ASP.Net, but also to any other platform where you might want to implement an authentication system. Whatever platform you have, always lean as much as possible one the battle-tested security features provided to you.