Use session instead,
Save to session: Session["UserName"] = "MyUserName" (wherever you're getting it)
You'll probably want to do this wherever the user is logging in.
Retrieve/Set it to your label : Username.Text = (string)(Session["UserName"]);
This way you have access to it wherever you need it and someone can't simply manually change the query string to impersonate another user.
In order to use session, you must enable it using the session state node in web.config, the in-process mode will probably suit your needs the best. Put the following node in the <system.web>
node of your web.config:
<sessionstate
mode="inproc"
cookieless="false"
timeout="20"
/>
Edit based on your code samples, see how I am setting the "UserName" session var and retrieving it later:
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack) {
Username.Text = Request.Headers["displayname"];
DateUpdated.Text = DateTime.Now.ToString("M/dd/yy");
Session["Username"] = Request.Headers["displayname"];
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack) {
Username.Text = (string) (Session["Username"]);
DateUpdated.Text = DateTime.Now.ToString("M/dd/yy");
}
}