Since today is Monday, my first inclination is "forgot password." I checked my log, and I see the user has validated.
I've been having problems with Internet Explorer for a few months along these lines. The use logs in, yet forms authentication doesn't recognize them. Using any other browser avoids the problem.
I've looked and looked, but haven't been able to find a solution, until today.
The problem is that when the user logs in, the system creates a session cookie, which holds the authentication ticket. Without said cookie, the user can't look at protected content.
I found the solution. By adding a single line to the web.config file, the problem goes away.