You should look at the built in framework login contro
. it will require you to create a separate DB for user's and what not. this will give you a layer of separation and more finite control over login access. Then for your other stuff, yes have it all in one database. The database design is up to you, everyone has their own way of doing it and I've seen well experienced DBA's create them in different fashions. Without knowing all the 'tid-bits' of your database, it will be hard to construct. You will find yourself potentially restructuring your database many times, because even you, with all the knowledge of what you want, will not get it right the first time; no one does. That is why code is changed and updated.
As far as setting up the database and all that fun stuff you are better off choosing a database, and then requesting help there. While you may be doing an asp.net application, it has nothing to do with the database. From the .net side all you will care about is how to connect, and populate and all the other CRUD stuff.