If you have a section such as this in your ASP.NET web.config:
<authentication mode="Forms">
<!-- 525600 mins = 1 year -->
<forms cookieless="UseCookies" timeout="525600">
<credentials passwordFormat="Clear">
<user name="jdoe" password="jdoesPassword" />
<user name="mrFancypants" password="fancyPassword" />
</credentials>
</forms>
</authentication>
You can access the user credentials via C# with the following code
var webConfig = WebConfigurationManager.OpenWebConfiguration("~");
var authSection = (AuthenticationSection)webConfig.GetSection("system.web/authentication");
var user = authSection.Forms.Credentials.Users["jdoe"];
// Check if the user exists and if the passwords match
if (user == null || user.Password != "aPasswordHere")
throw new ApplicationException(notAuthMessage);
I hope this will save you some time!
Pedro Liska 