On a separate note, do not do your database access like that: it is an invitation to a deliberate or accidental SQL Injection attack which could destroy your database. Use Parametrized queries instead:
SqlCommand cmd = new SqlCommand("SELECT username,password FROM Users WHERE username=@UN and password=@PW", connect);
cmd.Parameters.AddWithValue("@UN", textBox1.Text);
cmd.Parameters.AddWithValue("@PW", textBox2.Text);
string result;
result = (string)cmd.ExecuteScalar();