securing ASP.NET forms authentication token on client side?

In my website, I am not using any authentication or authorization. I've created login page to capture the user credentials and check against database. If the user successfully authenticates, it's storing the user data in session and navigating to other pages.

How thinking of implementing Forms Authentication, but my concern is how to secure the authentication token in client browser for security reasons. Does anyone have any ideas how to 开发者_StackOverflow中文版secure the authentication token?

Session:
Fast, Scalable, and Secure Session State Management for Your Web Applications

Authentication:
How To: Protect Forms Authentication in ASP.NET 2.0

 Step 1. Configure

Ensure that your forms authentication tickets are encrypted and integrity checked by setting protection="All" on the element. This is the default setting and you can view this in the Machine.config.comments file.

<forms protection="All" ... />

 Step 2. Use SHA1 for HMAC Generation and AES for Encryption

<machineKey 
   validationKey="AutoGenerate,IsolateApps"
   decryptionKey="AutoGenerate,IsolateApps"
   decryption="Auto" 
   validation="SHA1" />

 Step 3. Protect Authentication Tickets with SSL

<forms loginUrl="Secure\Login.aspx"
       requireSSL="true" ... />