I know I have to finish off building my NHibernate-based Membership provider – its about 75% there, but I also want to start writing a bug tracker, a CRM (which may as well include the bug tracker), a light weight CMS and actually post relevant stuff to this website …

First things first. I’ll get the membership provider out of the way.

Hopefully I’ll post something about that later. Basically, the Membership provider that ships with .Net2.0 is fine but I need it to do more.

I need mine to be able to:

• Handle user session objects as well as simple logged in/out cookies;
• Have a more robust security question/answer model;
• Handle a slightly more complex user model, i.e. one with multiple addresses, contact details etc.
• Be more compact and contained, i.e. I don’t want to have to keep writing the code that should already be in the provider.

I know these are straight forward but I want them to be out of the box when I plug my provider in.Finally, an ex-colleague implemented a means of preventing session hijacking which I want to have a stab, and do it at without using databases if at all possible.