"Remember me next time" not working for Login control? Here's why! RRS feed

  • Question

  • User567096628 posted

    I have so many developers asking me this question that I decided to write a post about it.

    Here's what happens:

    1) Lets say I add a ASP.NET Login control to a page called "Login.aspx" 
    2) I set the DestinationPageUrl property to "Success.aspx"
    3) I use the ASP.NET configuration tool to create users
    4) I run the webapp and access Login.aspx from my browser. I give the proper username and password, I also check the "Remember me next time" checkbox and click login. It takes me to Success.aspx.

    So far so good.
    5) Now if I close my browser and open a new instance (or i run the application again) and access Login.aspx, you'd expect it not to ask username/password again and directly take you to Success.aspx, cos we've already done a "remember me".

    It doesnt seem to work as expected. If you look up the Cookies folder on the machine, a cookie has been created. But it still doesn't seem to work.

    Well, just add these few lines to Page_Load of Login.aspx to make it work:

    protected void Page_Load(object sender, EventArgs e)

         if (User.Identity.IsAuthenticated == true)

    The cookie is actually working, that's why the next time you access any page on the site, the User.Identity will reflect the user that was saved with "Remember me.." option. We just have to check for User.Identity.IsAuthenticated in login page and redirect on to our DestinationPageUrl if it's true.

    I hope this helps.

    - &

    Saturday, May 10, 2008 10:35 AM

All replies

  • User1001868398 posted

    You need to set the cookie or use Forms authentication to generate the cookie to stay for more than the session.

    Saturday, May 10, 2008 11:25 AM
  • User567096628 posted
    You can control how long the cookie stays using timeout attribute in <forms> tag in your web.config.
    <authentication mode="Forms">
        <forms cookieless="UseCookies" timeout="525600" />
    Thursday, May 15, 2008 5:55 AM
  • User1941284925 posted

     I'm having this problem, too.  I've tried everything I've seen on forums, but still no luck.  I'm trying to get it so that if you log out, it will remember the username and password and if you checked the remember me box or not.


        <asp:Login ID="Login1" runat="server" RememberMeSet="true" CssClass="loginClass" TitleText="">

     In the web.config:

    <forms name=".ASPXFORMSAUTH" protection="All" defaultUrl="/admin/default.aspx" loginUrl="/login.aspx" cookieless="UseCookies" timeout="600000" slidingExpiration="true">

     And I also added a machineKey.  What else am I missing?  I would have thought that it would remember the username and password automatically. 





    Monday, November 10, 2008 9:38 AM
  • User-1240258526 posted


    I have the same problem :-(

    Can any expert answer on this issue?

    What really need to be done, step by step, in order for this option to work as it should? I have tried all what is written here and nothing helped.

    Thursday, December 18, 2008 5:15 PM
  • User1346815865 posted

    I have the same problem too, i can fix it in this way

    <asp:Login EnableViewState="true"

    The property "remember me" was correctly setted from cookies, but the login page do a postback and it's value where lost, setting EnableViewState to true the login control preserves it's properties. 
    i hope this could help and sorry for my english.



    Monday, December 29, 2008 1:12 PM
  • User394501000 posted

    After banging my head on the wall like everyone else for quite a bit, I finally found a solution that's working for me. It's rather simple too. The missing pieces are the "name" and "path" properties in the authentication/forms node of web.config.

     Here's what I added to mine to make it work:

     <authentication mode="Forms">

          <forms name="yourAppName" path="/" timeout="500000" slidingExpiration="true"/>


    Without these properties, the authentication would always timeout in 30 minutes (without revisiting the site). I guess these properties in the cookie are crucial for this to work. I just used my domain name for the "name" property and it's working perfectly. I would assume any unique name should work, although I didn't try anything different.

     I hope this helps somebody.

    Thursday, February 19, 2009 5:41 PM
  • User1159440550 posted

    To keep the maintenance to a minimum and not require compiling, remember to use the defaultUrl property in the response.redirect when the user is authenticated during the page_load.  Use the following in your login page Page_Load event:

     protected void Page_Load(object sender, EventArgs e)
         if (User.Identity.IsAuthenticated == true)
                 Response.Redirect(FormsAuthentication.DefaultUrl, true);



    Now, you just need to modify the redirect location in one place, assuming you actually added the defaultUrl into the web.config forms tag! 

    <authentication mode="Forms">
          <FORMS class=st loginUrl=""Login.aspx" protection="All" defaultUrl="default.aspx" timeout="20"  name=".SecurityFormsAuth" slidingExpiration="true" cookieless="UseCookies">


    protected void Page_Load(object sender, EventArgs e)

         if (User.Identity.IsAuthenticated == true)

    Wednesday, March 18, 2009 1:02 PM
  • User-2020535490 posted

    Most people are confused because they think the login workflow uses the same cookies with the session management workflow. In fact, they are 2 different checks using 2 different cookies. Full explanation: http://www.codeproject.com/Tips/779844/Remember-Me

    Thursday, June 12, 2014 9:41 AM