try below code with sql parameters,
cmd.CommandText = "SELECT * FROM std_log where first_name=? and password=? and id=?";
cmd.Parameters.AddWithValue("first_name", User1st.Text)
cmd.Parameters.AddWithValue("password", Password.Text)
cmd.Parameters.AddWithValue("id", strid)
Dim dr As OleDbDataReader
dr = cmd.ExecuteReader()