USERINPUT = $1000
PASSWORD = $2000

setup:
  ldx $0; counter/offset

loop:
  lda USERINPUT,x ; if null byte, check done and password ok
  beq validpassword
  eor #$aa; XOR with constant
  sbc PASSWORD,x ; substract byte of password
  bne wrongpassword ; invalid byte
  inx ; increment offset
  jmp loop ; work on next byte