Well Gizmo, I hope that it doesn't matter if the person knows where your "pass.txt" is. You SHOULD instead be using a htpasswd file or some other file who's permissions wouldn't grant read access anyway.
_________________________
Domain Registration, Hosting, Management
http://www.dollardns.net