You can check database at login time for provided username and password existance.If it doesnt find the one,revoke the access.
SqlConnection conn = new SqlConnection();
conn.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["your connection string name"].ConnectionString;
conn.Open();
SqlCommand cmd = new SqlCommand("Select uname, pswd from table where uname = @id and pswd = @password ", conn);
cmd.Parameters.Add(new SqlParameter("@id", "id here"));
cmd.Parameters.Add(new SqlParameter("@password", "password here"));
SqlDataReader dr = cmd.ExecuteReader();
if(dr.Read())
{
}
else
{
Response.Write("<script type='text/javascript'>");
Response.Write("alert('Invalid Credentials.');");
Response.Write("</script>");
}