You are right the Public Users feature is not complete although you are free to make your own implementation. There will be two approaches for separating public from administrative users. The most obvious and easy way will be to separate them in different roles and give them the appropriate permissions. The second approach will be to use different Membership providers. In this case you will need to crate a second login form for the public users and specify provider name. Note that different providers can use the same or different databases. If both providers are using the same database then you have to specify different application names for both providers otherwise they will act as one provider. This explanation may be confusing but we will provide an example in the near future.