"Password" is a reserved word: you need to escape it:
string query = "update DefaultProfile set [Password]='abc123' where RegNo='admin'";
But... don't do it like that!
1) Don't pass values to and database as strings, particularly if they may (as these will) originate with the user. Use Parameterised queries instead. passing strings as part of your SQL is an invitation to SQL injection attacks, which can damage or destroy your DB!
2) Never store passwords in clear text - it is a major security risk. There is some information on how to do it here:
Password Storage: How to do it.[
^]