I have a very simple login page on my WW application.

They enter their unique ID (no password) and the system sets a cookie with their ID.

Then I use that cookie on every following page to know they are logged in and what is their ID.

Is there a BETTER way to know if they passed login and not worry about they who they?

Naturally I can use Windows authentication, but that is a lot more than my users would want to mess with.

The simple ID is nice, but the cookies are a constant problem.