Transfering login information between ASP.netand SQLServer2008

GO
/****** Object:  StoredProcedure [dbo].[SelectUserPassExist]    Script Date: 01/26/2015 12:28:14 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author:		<author,,name>
-- Create date: <create>
-- Description:	<description,,>
-- =============================================
ALTER PROCEDURE [dbo].[SelectUserPassExist] 
	@Usr nvarchar,
	@Pass nvarchar
AS
BEGIN

if not exists( select [UserName],[Passcode] from Users where ([UserName]=@Usr and [Passcode]=@Pass))
   Begin
    return -3
    end
   else
         Begin
              return 2
          end
end

protected void Button1_Click(object sender, EventArgs e)
    {
        int userExists;
    //    string strUserExists,strUser;
        //SelectFullName objSelectFullName = new SelectFullName();
        //string strUserName;
        //DataRow drFullname;
        //drFullname = objSelectFullName.SelectName(txtUsername.Text, txtPassword.Text);
        //strUserName = drFullname.ToString();
        userExists= CheckUserPass(txtUsername.Text,txtPassword.Text);
        //strUser= DRow["Username"].ToString();
        if (userExists == -3)
        {
            lblMsg.Text = "Username or Password is wrong.";
               }
        else
        {
            {
                Session["Usr"] = txtUsername.Text;
                FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, chkRememberMe.Checked);
         
            }
        }   
    }
    private int CheckUserPass(string strUsr,string strPass)
    {
        int retVal;
        string strConnectionString = ConfigurationManager.ConnectionStrings["GarnetWebsiteConnectionString"].ConnectionString;
        SqlConnection con = new SqlConnection(strConnectionString);
        SqlCommand com = new SqlCommand();
        com.Connection = con;
        com.CommandType = CommandType.StoredProcedure;
        
        com.CommandText = "SelectUserPassExist";
       
        SqlParameter retParam = new SqlParameter("@Return", SqlDbType.Int);
        retParam.Direction = ParameterDirection.ReturnValue;
        com.Parameters.Add(retParam);
        com.Parameters.AddWithValue("@Usr", strUsr);
        com.Parameters.AddWithValue("@Pass", strPass);
        con.Open();
        int intRows = com.ExecuteNonQuery();
        retVal = (int)com.Parameters["@Return"].Value;
        con.Close();
        return retVal;
}