Synode has a great sessionState implementation.
You could use it to store an entered username and/or password and compare it against either hardcoded users or against a database for authentication. Session state variables persist until the web page is refreshed.