Your code is executing
select Username, Password from UserCredentials where Username='Administrator'
which is always going to return you a result regardless of what the user's credentials are, so it will think everyone is admin. If the username being Administrator is the only thing that indicates they are admin then simply do a check for that;
if (textBox1.Text.Equals("Administrator", StringComparison.InvariantCultureIgnoreCase))
{
}
Also look at using parameterised queries rather than creating your sql queries via string concatenation as your code is vulnerable to SQL injection attacks. Also rather than doing a while\read loop and incrementing a count you can just check "if (dr.Read())" as it doesn't really matter how many results there are. You can also do a "select count(*) from table where...." and then do an ExecuteScalar call to read the result of the count and see if it is 0 or 1, or whatever.