Auth System for a Large Number of Users

You should use session file or temp handling for the auth system.

Don't forget that database sessions use locking.

Thanks InsiteFX. When you say to use session file for the auth system, this is separate to the actual storage of the user's registration details, right?

I've mostly used database storage for session data in ASP.NET Identity, but always used file system based sessions in PHP. I was thinking about changing to database stored sessions for this project, so your reminder about locking has given me something to think about.