The obvious security holes are:
1) keystrokes are echoed to the screen;
2) there is a simple buffer overflow attack if the user types more than 50 characters
3) the password is stored in plaintext in the executable;
4) the password comparison aborts at the first mismatch rather than comparing all characters (this is a subtle flaw, but nonetheless one that was exploited many years ago)
5) the password entered by the user is stored in plaintext in memory (another subtle flaw, but again one that was exploited many years ago);
Isn't that more efficient? The very first mismatch, means the password is incorrect, and don't compare any further?
Yes and no.
Yes, technically speaking it will be a few nanoseconds faster. In reality, unless your password is many megabytes long, the speed difference won't even be measurable at the software level.
Nonetheless it is a security hole to compare only up to the point of failure.
Assuming passwords can have only [a-zA-Z0-9] for simplicity's sake, that's 62 different characters. A password of length N then has 62^N possible values. This quickly becomes impossible to brute force.
However, by comparing only up to the point of mismatch, I can, with some good engineering, write a program that requires at most 62*N (yes, 62 *times* N) guesses before it gets the correct password.