ASP.NET: store the user password in the session cookie?

I know that the membership provider stores the username and expiration time in an encrypted cookie, and then uses it to verify that the user is still logged in for the session.

Is it possible to save the user's password in this encrypted cookie? If so, how do you access it on the server side?

I need the username and password to be accessible on the server side, because I need to call web services that use the same credentials. Is there a better way to do this?

+6

3 answers

You must keep it in session state, which never leaves the server.

You should also try to change these web services to use authentication tickets instead of passwords (e.g. OAuth), because it is never recommended to store passwords in plain text.

+10

Yes, you can. You pass the encoded information in the userData parameter of the FormsAuthenticationTicket constructor:

    // Build the ticket; userData is an arbitrary string that round-trips inside the cookie
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        version, name, issueDate, expirationDate, isPersistent, yourEncodedData);
    // Encrypt and sign the ticket with the machineKey, then issue it as the forms auth cookie
    string secureTicket = FormsAuthentication.Encrypt(ticket);
    Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, secureTicket));

Ideally, this should be done over an SSL connection, and the cookie should be marked with both HttpOnly and Secure attributes.

Then, to get the value:

    // On later requests the forms authentication module has already decrypted the cookie
    FormsIdentity id = (FormsIdentity)User.Identity;
    FormsAuthenticationTicket ticket = id.Ticket;
    string yourEncodedInfo = ticket.UserData;

You can also simply set up your own cookie, separate from the forms authentication ticket.

However, storing the password directly in the cookie, even if it is encrypted, is not a good idea from a security point of view. Use session state instead:

 Session["password"] = password; 

Session state also uses a cookie, but that cookie contains only the session key. The server uses the key to look up a dictionary of key/value pairs unique to this session, which stays on the server (or is serialized to a state server or database, depending on how it is configured).

+3
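As an added example (not code from the thread or from ASP.NET itself), here is how the two pieces of advice above fit together in an ASP.NET Web Forms application: only non-secret data goes into the ticket's UserData, the forms cookie is marked HttpOnly and Secure, and the credential the downstream web service needs is kept in server-side session state and read back when the service is called. Membership.ValidateUser, FormsAuthenticationTicket, NetworkCredential and WebClient are real System.Web/System.Net APIs; the service URL, the "role=user" payload and the page/control names are assumptions for illustration.

```csharp
using System;
using System.Net;
using System.Web;
using System.Web.Security;

// Added example, not from the original thread. Assumes an ASP.NET Web Forms
// app with FormsAuthentication and in-process or state-server session state.
public partial class Login : System.Web.UI.Page
{
    protected void LoginButton_Click(object sender, EventArgs e)
    {
        string user = UserName.Text;      // hypothetical TextBox controls
        string password = Password.Text;

        // Validate against the membership provider the question already uses
        if (!Membership.ValidateUser(user, password))
        {
            ErrorLabel.Text = "Invalid user name or password.";
            return;
        }

        // UserData carries only non-secret, low-value data. Even though the
        // ticket is encrypted with the machineKey, the cookie leaves the server
        // on every request, so the password must never be placed here.
        var ticket = new FormsAuthenticationTicket(
            1, user, DateTime.Now, DateTime.Now.AddMinutes(30),
            false, "role=user", FormsAuthentication.FormsCookiePath);

        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                    FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,  // not readable from script (limits XSS cookie theft)
            Secure = true,    // only sent over HTTPS; pair with requireSSL="true" in web.config
            Path = FormsAuthentication.FormsCookiePath
        };
        Response.Cookies.Add(cookie);

        // The credential the web service needs stays on the server. The session
        // cookie the browser receives holds only the opaque session ID.
        Session["ServiceCredential"] = new NetworkCredential(user, password);

        Response.Redirect(FormsAuthentication.GetRedirectUrl(user, false));
    }
}

public partial class Report : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        var identity = User.Identity as FormsIdentity;
        if (identity == null || !identity.IsAuthenticated)
        {
            FormsAuthentication.RedirectToLoginPage();
            return;
        }

        // Non-secret data round-trips through the encrypted ticket
        string role = identity.Ticket.UserData;

        // The forms ticket and the session have independent timeouts: the
        // ticket can still be valid after the session (and the credential in
        // it) has expired, so treat a missing credential as "log in again".
        var credential = Session["ServiceCredential"] as NetworkCredential;
        if (credential == null)
        {
            FormsAuthentication.SignOut();
            Session.Abandon();
            FormsAuthentication.RedirectToLoginPage();
            return;
        }

        // Call the downstream service with the server-held credential.
        // The URL is an assumption; the service is expected to require HTTPS.
        using (var client = new WebClient { Credentials = credential })
        {
            string payload = client.DownloadString("https://services.example.com/report?role=" + role);
            ReportOutput.Text = Server.HtmlEncode(payload);  // hypothetical Literal control
        }
    }
}
```

If the session is stored out of process (StateServer or SQLServer mode), the NetworkCredential is serialized onto that store, so the same "plain text password at rest" concern the first answer raises applies there; exchanging the password for a short-lived token at login and keeping only the token in session reduces that exposure.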

Not recommended, but you can use FormsAuthenticationTicket.UserData.

+2

Source: https://habr.com/ru/post/904512/
