As suggested by SA "Store only encrypted password and encrypt posted password using the same algorithm and compare encrypted with encrypted." You can use
MCrypt for encryption.
Refer
This[
^] for its implementation.
I would prefer to store the password in database rather than storing it in a text file.
hope it helps :)