Sign-in program in ASP.net

Follow the answers given by Abhinav S and Sergey Alexandrovich Kryukov, which says not to pass the username and password in between pages as it is security threat and will create hole to your application.

Use Sessions
So, try to save in session so that you can access them in any page till user signs out, which will be secure.

Refer Prize winner article - Exploring Session in ASP.NET[^] to explore about sessions in details. Storing and retrieving values from Session[^] section of the article will give you simple example how to do it.

Problem in your code
Now coming to your code, the problems are as follows...

1. You are sending the QueryString named as "id", but trying to get it as "idname", for which you are not getting the data. (All underlined)

Response.Redirect("todo.aspx?id= "+TextBox1.Text+" ");

string str = Request.QueryString["idname"].ToString();

2. There is one space after "id" and "+" sign in the QueryString, which is also create problem.
And there are extra "+" and quotes after the TextBox1.Text, which are not required. (All underlined).

Response.Redirect("todo.aspx?id= "+TextBox1.Text+" ");

So, the code will be like below...

Response.Redirect("todo.aspx?id=" + HttpUtility.UrlEncode(TextBox1.Text));
string str = Request.QueryString["id"].ToString();

Thanks...

First thing you have to learn: never store a password anywhere, never pass it through the network using insecure protocol. You may ask "how to authenticate then?" This is the whole idea. You never need it for authentication. Disagree? Cannot believe that? Keep reading.

Please see my past answers:
storing password value int sql server with secure way[^],
Decryption of Encrypted Password[^],
i already encrypt my password but when i log in it gives me an error. how can decrypte it[^],
TCP Connection with username and password[^].

—SA