Forms authentication is a non-Microsoft-specific mechanism, which existed before ASP.NET. In those days, developers created custom forms consisting of a user name and password field. When a user clicked on the Login
button, the form triggered code that checked to see if the user had access to the site. The result was usually stored as a token in the form of a cookie or a session variable. The code that did the checking involved quite a bit of logic. Not only did the developer need to ensure that the code was triggered on all pages that required authentication, he or she also had to manage the state of the token throughout the site.
Today, with ASP.NET technologies, you can find ready-to-use solutions that make implementing Forms authentication much easier. MCMS has its own flavor of Forms authentication in the form of its own set of classes in the Microsoft.ContentManagement.Web.Security
namespace.