Here are the issues i see with your page:
1) there are 2 Security Assist Authenticate User behaviors on the page, one is used when the login form is filled out, the other is used for the auto login.
Only the auto login behavior has been modified to store the user level session, you will need to modify the other as well.
2) You have contradictory server validations. You have one validation that is using a regular expression to Force only numbers, and another regular expression to force only letters. If one passes, the other will fail.