POP QUIZ: What's wrong with this code - part 1

Here is another trivia question.  Comment with your answer and I will post the comments Friday along with the answer.

What is wrong with this code

Using Forms Authentication, here is Login.aspx.cs (updated the code slightly, assume the AuthenticateRequest function will check the user input to make sure it is valid entries):

 using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }

    void Logon_Click(object sender, EventArgs e)
    {
        string username = UserNameTextBox.Text;
        string password = UserPassTextBox.Text;

        if (AuthenticateRequest(username, password))
        {

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
              username,
              DateTime.Now,
              DateTime.Now.AddMinutes(30),
              isPersistent,
              userData,
              FormsAuthentication.FormsCookiePath);

            // Encrypt the ticket.
            string encTicket = FormsAuthentication.Encrypt(ticket);

            // Create the cookie.
            Response.Cookies.Add(new 
              HttpCookie(FormsAuthentication.FormsCookieName, 
              encTicket));

            FormsAuthentication.RedirectFromLoginPage
               (username, false);
        }
        else
        {
            throw new System.Exception(
                 "Error authenticating the user");
        }
    }

    bool AuthenticateRequest(string username, string password)
    {
        // Do authentication here
    }
}

So what is wrong here?