You only need to use mysql_real_escape_string to quote a string for use in a query. MySQL returns strings from the database in a literal (unescaped) form. You should read about mysql_real_escape_string in the php manual.
Also, $row in your code is going to represent the FIRST user selected from the database. Your SQL query selects ALL users, instead of selecting ONLY the user identified by $username. This will result in checking the password against the wrong user most of the time if you have multiple users in the table.
Example:
$username = mysql_real_escape_string($_POST['username']);
$result = mysql_query("SELECT * FROM registered_members WHERE username=\"$username\"");
$row = mysql_fetch_assoc($result); // note assoc
if ($row['password'] == $_POST['password']) {
// success
} else {
// failure
}