You don't really want the form connected to the database: you want to wait for the user to press the "OK" or "Login" buttons, then validate the data.
The normal procedure is to hold a hashed password in the database (MD5 or preferably SHA) and retrieve the record which has a matching login id. You then generate the hash from the data they have entered (id and password) and compare that to the value returned from the DB. If it matches, they they are ok to login, if it doesn't they aren't.
There is a link here which covers the hashing - it's in C# but it translates easily:
Password Storage: How to do it.[
^]