And another thing. Never concatenate values directly to your SQL statements. This leaves you vulnerable to SQL injections, data type conversion problems and so on. Instead, always use
SqlParameter[
^]
So your query could look something like
...
SqlConnection conn = new SqlConnection(@"Data Source=.\SQLEXPRESS; database= Registration; trusted_connection=yes");
conn.Open();
SqlCommand com = new SqlCommand("insert into register(Username, password, [email id], [first name]) values(@username, @password, @emailid, @firstname) ", conn);
com.Parameters.AddWithValue("@username", TextBoxUS.Text);
com.Parameters.AddWithValue("@password", TextBoxPass.Text);
com.Parameters.AddWithValue("@emailid", TextBoxEA.Text);
com.Parameters.AddWithValue("@firstname", TextBoxFN.Text);
com.ExecuteNonQuery();
...