When using forms authentication, it generates a ticket that is stored in a cookie on the clients web browser. This ticket also has the userID or username of the currently logged in user, all encrypted ofcourse. How easy/hard is it to de ...