Several things wrong here:
1) Never store passwords in clear text - it is a massive security problem. Passwords should be hashed, and the hash value stored in the DB. This requires changes to your presentation software, and there is an example here for C#: Password Storage: How to do it.
2) Why have two tables storing the same thing? That just risks potential duplication and problems. Instead, have one table with a column that says if the row is for a User or a Student. That way all your login, registration, change password, etc. code becomes a whole load cleaner as it is all stored in the same place. With your scheme, it's quite possible to get the same userID in two different tables and then you never know what is going on!