Start by finding out what the reported problem is:
Add a
try...catch
block round that code (with the using block will be fine) and examine the Exception object that is caught in the debugger: it will contain more detail on exactly what the problem is. Without that, we are all just whistling in the dark.
The chances are that it's something pretty simple, like a field that is too big for the column you have allocated in the DB, or a unique value (such as a primary key) that isn't unique.
But until you get the message, and can look at exactly what data you are feeding into the parameters, nobody can tell.
And we can't do it for you: we don't have access to your DB, or the data you are feeding in.
BTW: the message box implies that you are storing passwords in clear text: if so, that is a
Code Crime[
^] and is a very, very bad idea. See here:
Password Storage: How to do it.[
^]