I'll try to be as detailed as possible

So basically i'm in the middle of designing an c# and sql server application for a friend On the application startup it requires a user to enter their code into the password box on the application that they were given by the admin instead of having a user register in the application he wants this to ensure the passwords for the user are strong long password

So for each new user an admin would have to add their details and code to the database so that they can access the application

The codes for each user needs to store in a SQL server database but i don't want to store them in plain text as this is very insecure and as the server is connect to the Internet and should someone gain access would compromise his users and business

I don't usually deal with making user login or cryptography so i'm kinda at a roadblock here and would like some help

how do I securely store them with hashing and salt if theres no user registration in the application

basically this is what ive gotten so far

Code:
using System;
using System.Windows;
using System.Windows.Input;
using System.Data.SqlClient;
using System.Windows.Threading;

namespace Prototype
{
    /// <summary>
    /// Interaction logic for AuthenticationScreen.xaml
    /// </summary>
    public partial class AuthenticationScreen : Window
    {
        public AuthenticationScreen()
        {
            InitializeComponent();
            DispatcherTimer CurrentTimeTimer = new DispatcherTimer();
            CurrentTimeTimer.Interval = TimeSpan.FromSeconds(0.1);
            CurrentTimeTimer.Tick += CurrentTimeTimer_Tick;
            CurrentTimeTimer.Start();
        }
        public void CurrentTimeTimer_Tick(object sender, EventArgs e)
        {
            DateTimeLabel.Content = DateTime.Now.ToString("hh:mm:ss tt");
        }
        private void PasswordInputKeyDown(object sender, KeyEventArgs e)
        {
            if (e.Key == Key.Enter) //only accepts enter key
            {
                MessageBox.Show("checking password");
                try
                {
                    SqlConnection connection = new SqlConnection(@"Server=*****;Database=prototype;Trusted_Connection=True;"); //Connection string to database
                    connection.Open(); //opens the connection to database
                    SqlCommand cmd = new SqlCommand("SELECT Password Code: From database.User Personnel WHERE Password Code: = '" + PasswordInput.Password + "' ,connection"); // validates user input against database records
                    cmd.Connection = connection;
                    SqlDataReader DataReader = cmd.ExecuteReader();
                    MessageBox.Show("Connection Established");

                    int count = 1;
                    if (count == 1) //If count is equal to 1, than input is authenticated
                    {
                        MessageBox.Show("password correct");
                        connection.Close(); //closes the connection to database
                        this.Hide();
                    }
                    else //If count doesn't equal 1 than input is incorrect and application is closed 
                    {
                        connection.Close(); //closes the connection to database
                        MessageBox.Show("password into correct");
                        Application.Current.Shutdown();
                    }
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message);
                }
            }
        }
    }
}
im getting an error saying
Incorrect syntax near the keyword 'From' the label 'code' has already been declared label names must be unique within a query batch or stored procedure


any help in condensing/cleaning or fixing this is greatly appreciated