# Open file, loading passwords into a hash, keyed on usernames
my $filename = '/path/to/pw/file/outside/web/root/filename.extension';
my (%users);
open(DF, $filename) or die("Cannot open $filename for input: $!\n");
while (my $line = <DF>) {
  chomp($line);
  my @parts = split(/\|/, $line, 2);
  $users{$parts[0]} = $parts[1];
}
close(DF);

# Get parameters passed in
my $q = new CGI;
my $entered_un = $q->param('username');
my $entered_pw = $q->param('password');

# Test if username and password match
my $authorized = 0;
if (exists($users{$entered_un})) {
  # crypt() uses a 2-character salt for additional variation
  my $crypted_pw = crypt($users{$entered_un}, $entered_pw);
  if ($crypted_pw eq $users{$entered_un}) {
    $authorized++;
  }
}
if (! $authorized) {
  &display_incorrect_un_pw_msg;
  exit;
}

# do whatever, such as set a cookie or something, then whatever