The snippet below describes on how we are going to validate the user credentials being supplied by the end user in Login page using the ADO.NET way..

C#

protected void ValidateUserInfo(string user, string pass)
{
  
    SqlConnection connection = new SqlConnection("YOUR CONNECTION STRING HERE");
    string sql = "SELECT * FROM TableName WHERE UserID = @username AND Password = @password";
    SqlCommand cmd = new SqlCommand(sql,connection);
    cmd.Parameters.AddWithValue("@username", user);
    cmd.Parameters.AddWithValue("@password", pass);
    connection.Open();
 
    DataTable dt = new DataTable();
    SqlDataAdapter ad = new SqlDataAdapter(cmd);
    ad.Fill(dt);
    if (dt.Rows.Count > 0) { //check if the query returns any data
        //Valid Username and Password
        Response.Redirect("Default.aspx");
    }
    else
    {
        Response.Write("INVALID Username and Password, Try Again!");
    }
    connection.Close();   
}
protected void Button1_Click(object sender, EventArgs e)
{
  ValidateUserInfo(TextUserName.Text.Trim(), TextPassword.Text.Trim());
}

VB.NET

Protected Sub ValidateUserInfo(ByVal user As String, ByVal pass As String)
   
    Dim connection As New SqlConnection("YOUR CONNECTION STRING HERE")
    Dim sql As String = "SELECT * FROM TableName WHERE UserID = @username AND Password = @password"
    Dim cmd As New SqlCommand(sql, connection)
    cmd.Parameters.AddWithValue("@username", user)
    cmd.Parameters.AddWithValue("@password", pass)
    connection.Open()
   
    Dim dt As New DataTable()
    Dim ad As New SqlDataAdapter(cmd)
    ad.Fill(dt)
    If dt.Rows.Count > 0 Then
        'check if the query returns any data
        Response.Redirect("Default.aspx")
    Else
        Response.Write("INVALID Username and Password, Try Again!")
    End If
    connection.Close()
End Sub

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As EventArgs) Handles Button1_Click
    ValidateUserInfo(TextUserName.Text.Trim(), TextPassword.Text.Trim())
End Sub

That simple! Happy Coding!