I had a custom classes for my validation logins, private pages, etc.

I'm going to jump to asp.net 2, But I not yet decided which of them I'll use.

My fear is the fact of many people to know the architecture of membership of asp.net 2 and to be more easy to arrange a hole to enter in the system.

With my all system, hidden by dll files, i think it's more difficult to a hacker understand my architecture and find a hole...

I'm i right?

One easy way to see if a webmaster use membership class is:
Try to login with any fields and if the error page is "acessdenied.aspx?loginfailure=1" he know that webmaster use membership...

It's possible change the querystring? In other words, it's possible to change "...?loginfailure=1" to "...?Error=1"

Thanks!
Max