You can use the AND keyword in any sql statement with WHERE like this
query = "SELECT userid, password, usertype FROM users WHERE userid = @userid AND password = @password AND usertype = @usertype";
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@userid", textbox1.Text);
cmd.Parameters.AddWithValue("@password", textbox2.Text);
cmd.Parameters.AddWithValue("@usertype", textbox3.Text);
take note how I used a parameterised query instead of directly concatenating the text boxes values.