1. Don't put SQL statements in session variables. You're better off creating a stored procedure that does this SELECT for you. You simply pass the username to it.

2. You've assigned strNome in the 'if' portion of your 'if-then-else' block, but you attempt to access it in the 'else' portion. It's not going to work, since only the 'if' portion or the 'else' portion will be executed, but not both. From your code I see that Utilizador is the same as TxtUser.Text, so you should say:

Session("User") = TxtUser.Text

And do this before the if block.