The ltogin form works, that is if your use name is wrong you denied access however the problem is that if your user name is correct and the password enterd is not for that particular user name but for another one access is granted. The code is below
Me.EmployeeId = Nz(DLookup("strEmployeeid", "tblEmployee", "StrEmployeeId='" & Me.EmployeeId & "'"), "")
Password = Nz(DLookup("strPassword", "tblEmployee", "StrPassword='" & Me.Password & "'"), "")
If Me.EmployeeId = strEmployeeId And Me.Password = strPassword Then