Protected Web Directories
The Protected Web Directories module lets you manage web directories that are protected using .htaccess and .htpasswd files. To be able to use web directory protection, the webserver has to allow overriding authentication. When using apache, the webserver configuration has to include a line
either global or on the relevant web-directory.
adding a new directory/editing an existing one: