No. The easiest way to do this is just to say:
cmd.Parameters.AddWithValue("@usr", txtUserName.Text)
cmd.Parameters.AddWithValue("@pw", txtPassword.Text)
But please don't do that! Storing passwords in clear text is a horrible security risk. See here:
Password Storage: How to do it.[
^] - it's in C#, but the code is pretty much identical in VB.
"I thought that using
cmd.Parameter.add("pwd",SqlDbType.BigInt, 15).Value
is better than AddWithValue due to it can strict the Type/Length of the Input"
It can, yes. And that's a problem!
When you use the Add method with a text string and specify the length, the Add method truncates the string to the length you specify,
without telling you. So if you specify a string length of 20 characters and your user enters a 100 character comment, 80 characters will be discarded and you don't know. Worse - your user doesn't know and is instead assured that the database was updated correctly.
If you use AddWithValue, the whole string is passed through, and SQL will refuse to enter it and throw an exception back to your code - so you can tell the user there is a problem!
There is also the fun and games of changes to the DB needing to be reflected in the code and so forth, but throwing away user data without anyone knowing is much, much worse - because it is unfixable (the data can't be recovered) and that erodes user confidence in the system as a whole.
And still don't save passwords in clear text!