Frankly, if that's a typical example of your thesis code, changing passwords is the least of your problems.
Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead. Stop what you are doing, and go back to the rest of your code and fix that first - your whole application is wide open to any user you wants to delete your database, just by typing in a text box...
Secondly, SqlConnection, SqlCommand, and related objects are scarce resources - you should be Disposing them when you are finished with them.
Thirdly, don't use MsgBox in VB .NET applications, it's a legacy hangover to VB6, and was superseded by the MessageBox class in .NET V1.0
Fourthly, never hardcode connection strings - always use a settings file. this is especially important when you hardcode the string in many, many places as it's far too easy to get one wrong, or miss it completely when it needs changing.
Fifthly, look at your code!
Dim ans As String
ans = MsgBox("New Security have been saved!", vbOKOnly + vbInformation)
If ans = vbOKOnly Then
Welcome.Show()
End If
Given that you only show an OK button, what other value do you expect the message box to be capable of returning?
Then, never store passwords in clear text - it is a major security risk. There is some information on how to do it here:
Password Storage: How to do it.[
^] - it's in C# but the code is pretty simple and obvious, and online converters exist to change it to VB:
Code Converter[
^]