# VBForums CodeBank > CodeBank - ASP / ASP.NET / MVC / Web API >  How to use Forms login for a whole ASP .NET Web App

## JMvVliet

Create a web project. Add a web.config file. change the following line:

<authentication mode="Windows"/>

to

<authentication mode="Forms"> 
		<forms name="PieperWEB" loginUrl="Login.aspx" protection="All" timeout="60" />
    </authentication>

also change the line:

<authorization>
        <allow users="*" /> <!-- Allow all users -->

            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
            -->
    </authorization>

to

<authorization>
        <deny users="?" /> <!-- Deny unauthorized users -->

            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
            -->
    </authorization>

Now, add a page, name it Default.aspx, then, add a page, name it Login.aspx.

Before you can use default.aspx, you ALWAYS must login via Login.aspx.

Enjoy!

----------

