ALways Always DB! Txt file can be opened by anyone then they can use a brute forcer like John the Ripper to break the password. ALWAYS USE DB!! ha ha a little too much there
But it's the truth always use DB. Then either encode in SHA or MD5 inside DB. That way it's safer.
But never store in TXT file! Anyone can open it, not safe at all.