use sql parameters and also you need to use [] for reserved keywords like
user [
^]
using (var connection = new OleDbConnection(ConnString ))
using (var command = connection.CreateCommand())
{
connection.Open();
command.CommandText = "UPDATE Login SET [user]=?,paswrd=?";
command.Parameters.AddWithValue("@user", uname );
command.Parameters.AddWithValue("@pwd", pass );
command.ExecuteNonQuery();
}