Here, you need to consider the most important feature of an application i.e. Authentication and Authorization for security purpose.
Remember one thing when you have login application, firt and foremost thing to consider from security point of view is this query which you have posted.
Nowcoming to your queries, you need to have to use
Windows.History.Forward()
feature in javascript
Windows history forward[
^]
The above method allows you to manipulate the browsers history. So the back button would not work in the similar fashion.
Using this in both the pages will solve your problem 1 & 2.
Another suggestion is to use session or forms authentication in ASP.NET for security purpose.
Few links:-
MSDN[
^]
Form authentication and authorization in ASP.NET[
^]
These would surely help you for 3rd query. You could also set the Session(trivial) for the unique username or email and then use Authorize attribute to check if the session exists or not then allow to navigate into the pages else the login page.
And on logout just remove the session, so that they cannot get into the pages directly without login.
I hope I could make you understand some thing.
Post back any queries you have.
thanks.