If all you want is stock ASP.NET 2.0 membership you can stop reading now. But for those that want to (even if ever so slightly) customize the provided experience, here are a few tips...

Decide on exact options of the membership provider as soon as possible. The experience in Visual Studio and in Web site administration tool will adapt automatically to your settings. It's really cool once you realize it, but might cause you some pain if you don't. Example: if you remove the options of security question and answer present on CreateUserWizard and PasswordRecovery controls and then drag and drop one of these two controls on a form the controls for the question and answer will not be created.

One other very important thing is password format to use - if you start your project by not configuring this, you'll get the default which is Hash. Nothing wrong with this, except that now the users of the site cannot retrieve their passwords, they can only reset them to a new one. If this does not fit your need, but you already have users in the database, you won't be able just to change the settings in the web.config and hope for things to work - I had to trigger the re-creation of the database from scratch to get normal behavior.

Finally, I have either found a bug or there is an irritating inconsistency in the way events are fired for the CreateUserWizardStep control. This control is part of the CreateUserWizard control and is the main step of this wizard. Normally you'd not play with it at all, but my wife's project is for Serbian public and needs to be in Cyrillic so we have to customize everything. But I digress - we found out that Activate event does not fire for this control, either because it is the first “page” of the wizard, or because it is somewhat special. Not a biggie, but does cost you a few minutes of your time to discover.