First of all , as all other people said its easily exploitable
Also you have to do if table.find(user.Username,script.Parent.Parent.User.Text) and ... then
EDIT : I would ask to fire a remote function to the server with the user name and password and do the checks there , if the checks are correct return true and destroy the GUI else if the check is not correct return false.
This is false, players cannot access other playerâs PlayerGui from their client. That would pose a serious security issue if that was the case. You are spreading misinformation.
