Start off by not doing it like that!
Not only does it leave you wide open to SQL Injection attacks, but it probably contributes to (or causes) your problem. Never concatenate strings to form an SQL command! Always use parameterised queries.
protected void Button1_Click(object sender, EventArgs e)
{
connParam = @"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:\\Projects\\App_Data\\Database.mdb; Persist Security Info=False";
Conn = new OleDbConnection(connParam);
try
{
Conn.Open();
OleDbCommand oleDbCmd = new OleDbCommand("insert into Users (UserName,Email,Password,RePassword) values (@UN, @EM, @PS, @RP)", Conn);
oleDbCmd.Parameters.AddWithValue("@UN", TxtUname.Text);
oleDbCmd.Parameters.AddWithValue("@EM", TxtEmail.Text);
oleDbCmd.Parameters.AddWithValue("@PS", TxtPaswrd.Text);
oleDbCmd.Parameters.AddWithValue("@RP", TxtRePaswrd.Text);
oleDbCmd.ExecuteNonQuery();
}
catch (Exception ex)
{
Response.Write(ex);
}
finally
{
if (Conn != null && Conn.State == ConnectionState.Open)
{
Conn.Close();
}
}
}
And remember that if you don't use parameterised queries, I can probably bypass your login if I want to and log in as you without needing any password...from anywhere in the world.
And please, Never store passwords in clear text - it is a major security risk. There is some information on how to do it here:
Password Storage: How to do it.[
^]