Im going to make an initial assumption that you are using MVC 4 or greater.
To address your questions first, you should only use the
[Authorize]
attribute on your controller Actions if you have to be logged in in order to view whatever data/page that action serves. So in your case, if you want the user to be logged in to your app in order to view the About page, then yes this needs the Authorize Attribute along with every page that you require the user to authenticated to view.
Another note, there is even an attribute
[AllowAnonymous]
that you can decorate actions of your controller that explicitly says users who are not logged in have the ability to view the data/page of the targeted action.
So reason for my assumption, when creating a brand new MVC project in visual studio, if you make the proper project selections you should end up creating a initial application that provides register user, login, account management and ability to view some pages anonymously vrs a requirement of being logged in to view other pages.
If you are trying to do this all from scratch (im guessing yes since as I understand your question you say that anytime they click a link that has Authorize attribute on it, they are required to log in which means the auth cookies are not being set).
Since you are learning I would highly recommend you use the boiler plate application that is auto generated as a new project and build on top of that. I think what i reference can be seen here, only skimmed over this link:
MVC and Identity Framework 2.0[
^]
By using the project generated by visual studio you bypass the need of having to code all the back end plumbing that is required to properly handle authentication which includes persisting sessions to not require logging in every time they click an action decorated with the
[Authorize]
attribute.
Some further links I would encourage you to look into for MVC authentication.
Securing your ASP.NET MVC 4 App and the new AllowAnonymous Attribute – RickAndMSFT on Azure & MVC[
^]
ASP.NET Identity | The ASP.NET Site[
^]
ASP.NET MVC and Identity 2.0: Understanding the Basics[
^]