Given a simple login system (register and login), which of the two choices is more secure:
User info consists purely of username-password.
Of course, best-case is assumed for both options: MySQL injections are accounted for, password is md5/sha1/md5+sha1/any other means encrypted, etc.
In case you're wondering, in the first case, php will add user credentials to the htpasswd file. (see this question for an example implementation.)