Membership can't validate user after providing machineKey

Question

I have a web site with two endpoints, let's say www.mydomain.com and mydomain.com.

I need my user stay loged in when he jumps from one domain to another.

For this task I could force my users to login on one of domain (let's call it the main) and if somebody visits another - just redirect him to the main domain.

But I have read that I can use Forms Authentication Across Applications and share the same authentication ticket accross multiple domains.

So I decided to give a try to this approach, but it doesn't work for me... the main question why?

What I did:

1. I generated new machineKey from this service.
2. Added it in my web.config.

After this step my old membership provider stoped working correctly. It doesn't validate users with right passwords.

I suppose it's because all passwords in my current database should be encrypted by values from machineKey section.

Could anybody point me at what I am doing wrong and is it possible to make shared authentication with machineKeys and existing membership database that contains passwords in hashed format?

I also experimented with addint protection="All" (I assume that it shouldn't work with hashed password because it forces its encryption by machineKeys) and domain="mydomain.com" attributes to my <forms/> section in web.config, but - no luck.