The only problem you'd have would be in the unlikely event of the php support on your server failing.
As added protection it's wise to seperate any sensitive info from the actual script using includes. Amend your includes path so that it is above the root directory and away from prying eyes.
PHP Code:
<?php
include 'password.php';
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<h1>Login</h1>
<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p><label for="txtUsername">Username:</label>
<br /><input type="text" title="Enter your Username" name="txtUsername" /></p>
<p><label for="txtpassword">Password:</label>
<br /><input type="password" title="Enter your password" name="txtPassword" /></p>
<p><input type="submit" name="Submit" value="Login" /></p>
</form>
<?php
}
else {
?>
<p>This is the protected page. Your private content goes here.</p>
<?php
}
?>
PHP Code:
<?
// password.php
// Define your username and password
$username = "someuser";
$password = "somepassword";
?>
That's fuckin' ingenious, if I understand it correctly. It's a Swiss fuckin' watch.