ASP.NET identity vs FormsAuthetication

Question

We have ASP.NET ( Silverlight) LOB Web application which was developed using .Net 4. Now we have to get rid of the current authentication mechanism and implement new one. I think we have two options here:

1> Forms Authentication using Membership provider ( This is available in .Net 4)
2> ASP.NET Identity ( This is not available in .Net 4. So we have to update the target framework to 4.5 or latter)

I have gone through the article here that describes the difference between these two and based on my understanding the 2 major differences are:
1> You can configured identity framework to use social credentials.
2> Identity framework code can be unit tested.

We have LOB application. So likelihood of allowing users to use their social credential to login into our application is very very less. So i am looking for suggestion whether it is really worthwhile to spend time and implement identity framework for authentication. (Note that for identity framework I will have to convert target framework of all projects to 4.5). The only advantage I see here is unit testing.

Answer 1

Updating to later framework is not a problem. Going back the way usually causes problem, but you won't have to do any code changes if you go from 4 to 4.5. Or rather 4.5.1 which is latest in 4.5.x.

If architecture advantage is not an advantage to you, then security must be. Identity uses PBKDF2 with HMAC-SHA256 password hashing. This is not available in MembershipProvider which comes with SHA1 as default hashing which is not considered secure at all in 2016

Otherwise I enjoy working with Identity framework - it is a lot easier to do things with rather than monstrous MembershipProvider. Some things took me few hours to implement in Identity that took weeks with MembershiProvider. So speed of development is another consideration.

Also MembershipProvider is not getting any new versions, why do you want to use old framework when a new shiny supported framework is available?