as i learned, asp .net login control has a built in required field validators but how can i use a regular expression validators to validate the UserName and Passwords textboxes ?
is there a way ?

You mean check if the user has entered a valid username and password? (the one which exists in the database)

Regular expression are used to validate inputs such as email, phone numbers etc. Basically they are used to validate if the input is in a pre-defined format.

In your case, the login control's input are validated against the user id and password which are stored in the backend database. Why do you need to use regular expression validators for this scenario?

i have to use regular expressions to validate user name and password to constrain the users input to only letters and digits(for example), to avoid input like special characters.
this is also important to avoid sql injection attack.
anyway i found a way:

<asp:RegularExpressionValidator ID="RegularExpressionValidator2" runat="server" 
                ControlToValidate=<%# Login1.FindControl("UserName").UniqueID %>>

as for me I use Protemac LoginTrap, nice prog for control login attempts

LoginTrap is really good, thanks!!!