There are a few disadvantages but i guess names of the fields would only be helpful in case of sql injection attacks, but even without field names, the same problems arise. Passwords are by default encrypted in the initial version provided. I would rather say that other disadvantages like the functionality provided in through roles is somewhat fixed and extension of the same is not extremely easy. Maybe more functionality can be provided later. I would say that membership has been a much required functionality and there is little disadvantage if you have decided to use ASP.Net. In case one is using membership features, membership control is the logical choice. Just check how much customized functionality you need to give to the users and how creation of different types of roles will serve your needs and make the choice. Also remember it will be far easier to modify membership controls at a later date than user created customized controls.
please refer this
what-are-the-disadvantages-of-using-writting-a-net-custom-membership-provider