This is essentially what RapidShare does, they just give you a really complex URL that most likely will not be randomly stumbled upon, as long as there are no links linking to it. You would most likely be safe.
If you are worried you could put the file in a password protected .zip/.rar file.
Lastly, this username:
[email protected] is generally used for FTP servers, using your ASP.NET server you can set up password protected folders that would present a login screen first before letting the user view the contents of the folder / file.
