This is what I Use , you can change the ado connection code to be sql fairly easily without changing anythin else.

Code:
conn.open = "Provider=SQLOLEDB.1;User ID=sa;password=mypassword;Initial Catalog=MyDatabase;Data Source = MySQLServer;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096"
login.asp:
Code:
<%

oldPath=Request.QueryString("HTTP_REFERER")
if oldPath="" then oldPath="default.asp"
Dim conn,rs,mysql,dbpath
mysql="Select logo from Company"
Set conn = Server.CreateObject("ADODB.Connection")
Conn.Open "Data Source=" & Server.Mappath("db.mdb") & ";Provider=Microsoft.Jet.OLEDB.4.0;"
Set rs = Server.CreateObject("ADODB.Recordset")
Set rp = Server.CreateObject("ADODB.Recordset")

rs.Open Mysql,conn,3,3,1
MyLogo=rs.Fields(0).Value 
'MyScript="default.asp"
rs.Close 
Response.Write "<HTML>"
response.write "<HEAD><CENTER>"
Response.Write session("username")
if len(Request.QueryString("username")) < 1 then
%>
<h2>Please log in to continue<BR></h2>
<form action="" method=GET>
<%if Request.QueryString("msg") <> "" then Response.Write "<font color=red>" & Request.QueryString("msg")%></font><BR>
Username: <INPUT type="text" id=text1 name=username><BR>
Password: <INPUT type="password" id=password1 name=password><BR>
<INPUT type="submit" value="Submit" id=submit1 name=submit1>
</form></center>
<%
else
rs.Open "Select password from Users where username='" & lcase(Request.QueryString("username")) & "';"
if rs.RecordCount =0 then 
Response.Write "Invalid Username!"
Response.Redirect("login.asp?msg=Invalid Username! Try Again.")
else
if lcase(rs.Fields(0).Value) = lcase(Request.QueryString("password")) then 
session("AUTH")=True
Response.Write "all ok"
session("username")=lcase(Request.QueryString("username"))
myfrom=session("username")
rp.Open "Select id from tech where fname='" & session("username") & "';",conn,3,3,1
session("tech")=rp.Fields(0).Value 
rp.Close 


rp.open "Select * from message where myto='" & myfrom & "' and active <>0",conn,3,3,1
MyNum=rp.RecordCount
rp.Close 
if Mynum > 0 then 
Response.Redirect("readmsg.asp")
else
Response.Redirect(Session("PAGENAME"))
end if



Response.Redirect(Session("PAGENAME"))
end if

end if
end if
'Response.Write err.number,err.Description,err.Source 
%>
Then in each page add:
Code:
if len(session("username"))< 1 then
session("PAGENAME")=Request.ServerVariables("SCRIPT_NAME") & "?" & MyString
Response.Redirect("login.asp")
end if
That will check each loaded page for the correct login