the terms window and forms authentication are as below. ==> Windows authentication is the default authentication method of the ASP.NET application. It uses the security scheme of windows operating system of corporate network. Windows authentication uses user names, passwords, and permissions of network resources and Web applications. User lists for Windows authentication are included in the element of Web.config. ==> Form authentication allows creating own database of users in the application’s Web.config file or in a separate user database and validate the identity of the users when they visit Web site. Users do not have to be member of a domain-based network to have access to your application