I have created a simple password cgi-script for a web page. This script is going to be used for famliy purposes (family photo album) so that not your everyday person can view the pictures. The password will be the same for everyone. Because it is going on the www I want to make sure that it is a secure script. My question(s) is/are:

1. What are some basic things I can do to make this script more secure?
2. If need be, would it be wise to use this script on a business web site?
3. Lastly, is it a wise decision to have the actuall password name in the script or should I call it from a txt file (or something else)?

I did not comment this code because it is self explanatory (or should be anyway). ---

#!usr/bin/local/perl -w


use strict;
use CGI qw( :standard );

my $p;
my $password;



$p="howdy";
$password=param('password');

if ($p eq $password) {
    print "Content-type: text/html\n\n
        <html><head><title>Password Check</title>
        </head>
        <body bgcolor=navy text=white>
        <h1>It worked</h1>
        <hr><br>
        </body></html>";
} else {
    print "Content-type: text/html\n\n
        <html><head><title>Password Check</title>
        </head>
        <body bgcolor=orange>
        <h1>Loser -- Try Again</h1>
        <hr><br>
        </body></html>";
    }
[download]

Thanks for the help!