You should be removing Login1_Authenticate event and have a login button event to validate the credentials.
Or depending on how you submit back to server, such as ajax calls etc. You can also use fiddler to see what's exactly being posted back to server.
PS. Why do not use ASP.net MVC?