What you are looking to do is called Single Sign On and Single Sign Off. There are differences based on how you have the applications set up. I will try to clarify where those differences come into play.

To implement single sign on and single sign off you need to make the cookie name, protection, and path attributes the same between all the applications.

<authentication mode='Forms'>     <forms name='.cookiename'            loginUrl='~/Login.aspx'             timeout='30'             path='/' /> </authentication> 

Next you need to add the machine keys and they need to be the same between all your applications.

<machineKey validationKey='F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902'             encryptionKey='F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902F8D923AC'             validation='SHA1' /> 

Are you using second or third level domains for the applications? If so you will need to do a little bit more by adding the domain to the cookie:

protected void Login(string userName, string password) {     System.Web.HttpCookie cookie = FormsAuthentication.GetAuthCookie(userName, False);     cookie.Domain = 'domain1.com';     cookie.Expires = DateTime.Now.AddDays(30);     Response.AppendCookie(cookie); } 

Now to do single sign off, calling FormsAuthentication.SignOut may not be enough. The next best thing is to set the cookie expiration to a past date. This will ensure that the cookie will not be used again for authentication.

protected void Logout(string userName) {     System.Web.HttpCookie cookie = FormsAuthentication.GetAuthCookie(userName, False);     cookie.Domain = 'domain1.com';     cookie.Expires = DateTime.Now.AddDays(-1);     Response.AppendCookie(cookie); } 

I am taking into consideration you are using the same database for all the applications. If the applications use a separate database for registration and authentication, then we will need to do some more. Just let me know if this is the case. Otherwise this should work for you.