Nevermind...
Here is the solution:
Added a section to both web.config's with the same values. This allows the main website to create an encrypted session key for the login that the YAF site can decrypt. Put this within the section. Change the keys to a random 48-hex-character value of your own (I used RoboForm to generate my keys).
<machineKey validationKey="DBAEF98E532D4161826F8351C794DFD27C0F814262FD6986"
decryptionKey="DBAEF98E532D4161826F8351C794DFD27C0F814262FD6986"
validation="SHA1" decryption="AES" />
Answer found here: Log in YAF user
Hope it helps someone else one day.