Try this:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("SELECT iD, password FROM myTable WHERE userName=@UN", con))
{
con.Parameters.AddWithValue("@UN", userNameTextBox.Text);
using (SqlDataReader reader = com.ExecuteReader())
{
if (reader.Read())
{
int id = (int) reader["iD"];
byte[] pw = (byte[]) reader["password"];
...
}
}
}
}
You can then check your password matches and log him in if it does.
BTW: Don't store your password in text format - it is a real security hole. Instead, use a Hashing function.
Password Storage: How to do it.[
^]