To password protect your site or a folder within your site, the quickest method is likely to be the .htaccess method.
You simply need two files:
1. .htaccess
2. .htpasswd
The .htpasswd file contains the login details (username:encryted password) of the users allowed to enter the area of the site you are protecting. This ideally should be placed outside of the web root so it is inaccessible to the world.
The .htaccess file needs to be placed in the folder you wish to protect. Basically if someone tried to access any file below the folder location of the .htaccess file, they would be prompted to enter login details. The contents of this file states that authorisation is required and also points to the location of the .passwd file so that the entered login details can be checked against.
There is a great and easy to use tool on Dynamic Drive to help you generate these two files.
As a web developer, a great use for this is to password protect your client site until it is ready to go live. This allows the search engines to only start crawling the site once the site is goes live.
More reading: http://www.javascriptkit.com/howto/htaccess3.shtml
Hope you found this useful! 
Hey Emil, you forgot to mention its an Apache feature. Software like IISPassword have tried to emulate this feature in IIS but has failed miserably. I know because I’ve spent hours setting it up on IIS because it does not work correctly and their forum wont validate my registration in order for me to send a bug report.
Hi Brinley! Thanks for your contribution, I’m sure someone would find this useful.