With development of standard authentication protocols like WS-federation, SAML and OAuth, there should be very few situations where a web application has to implement its own storage and logic for handling user credentials. This blog from Premier Developer consultant Marius Rochon enumerates the benefits of using out-of-the-box authentication solutions, some myths preventing their adoption and possible exceptions for not using these solutions.

http://blogs.msdn.com/b/mrochon/archive/2014/12/02/should-an-application-handle-user-credentials.aspx