I try to create an forgot password application.
in the application, in order to get user password, user must do some input. there is 4 input : Username, Name, Security Question, and Security Answer.

Try
            If TextBox8.Text <> "" Then
                kueri = "select Username, Pass, Nama, SecQue, SecAns from Account where Username = '" + TextBox8.Text + "'"
                conn.Open()
                cmd = New SqlCommand(kueri, conn)
                rd = cmd.ExecuteReader
                rd.Read()
                If TextBox8.Text = rd(0) Then
                    If TextBox9.Text = rd(2) Then
                        If ComboBox2.Text = rd(3) Then
                            If TextBox10.Text = rd(4) Then
                                Dim pwd As String
                                pwd = rd(1).ToString
                                Label10.Text = Dekrip(pwd, SecretKey)
                                Label10.Visible = True
                                conn.Close()
                                TextBox8.Text = ""
                                TextBox9.Text = ""
                                ComboBox2.Text = "- Pilih Salah Satu -"
                                TextBox10.Text = ""
                            Else
                                MsgBox(" BAD Security Answer")
                            End If
                        Else
                            MsgBox("BAD Security Question")
                        End If
                    Else
                        MsgBox("BAD Name")
                    End If
                Else
                    MsgBox("BAD Username")
                End If
            Else
                MsgBox("Please Insert Answer")
            End If
        Catch ex As Exception
            MsgBox(ex.ToString)
        End Try

Problem :
this SQL Command, "select Username, Pass, Nama, SecQue, SecAns from Account where Username = '" + TextBox8.Text + "'", need to get textbox8.text in order to get the password.
but, if user input some word that not exist in the database, my application get error from the database that say "word don't exist".

is there any other way to make this forgot password application ?

thanks

Since rd.read() will return a true if the read was successful and false if it was not, try...

If rd.read() Then
    If TextBox8.Text = rd(0) Then
    ...remainder of your code
    End If
Else
    MsgBox("BAD Username")
End If

still failed.. but thanks for your help...

try
      If rd.read() Then
      If TextBox8.Text = rd(0) Then
      ...remainder of your code
      End If
      Else
      MsgBox("BAD Username")
      End If
catch ex as exeption
msgbox("BAD Username")
end try
conn.close

I just come up with this idea after see your post..
i close the database connection after try-catch code..
so, if inputed username dont exist in the data base, this error will be catched, and msgbox will showed...

once again... thanks...

I'm curious as to which line of your code is blowing up and what the exact error is because this should work. I use this logic all of the time.

Also, don't forget to handle if the user puts single quotes in their answer such as a username of O'Brien. I handle this by using .replace as in
kueri = "select Username, Pass, Nama, SecQue, SecAns from Account where Username = '" + TextBox8.Text.Replace("'", "''") + "'"
which replaces any single quote with two single quotes.

This question has already been answered. Start a new discussion instead.