.htpasswd User generator

Modes with an asterisk * are "salted". Each time you generate an entry with a salted algorithm it will look different even if the input is identical.
Salted modes are generally better than unsalted. If possible, use bcrypt. Argon is experimental and likely only works with a custom authentication plugin.
Regardless of the mode, the username is always stored in cleartext.

Enabling password protection

Add this to the .htaccess file of the directory you want to protect:

AuthType Basic
AuthName "Description, that is sometimes shown to the user"
AuthUserFile .htpasswd
Require valid-user

This will also protect all subdirectories

Apache Configuration

Make sure the auth_basic module is loaded. If it is not already, add this line to your Apache configuration (probably httpd.conf):
LoadModule auth_basic_module modules/mod_auth_basic.so
Change the path as needed.
This module depends on other modules which are usually present in a default Installation. See this site for details.

Path of .htpasswd

AuthUserFile might need to be changed. It is relative to whatever directory is set as main directory in the server configuration.
If you are not sure what that path is, just leave the entry "as-is" and load the site. If the file doesn't exists (Server will generate HTTP 500 error), you can check the error.log of Apache to find the full path ot tried to look up.
If you don't have access to the error logs, you can just try your webservers main http directory (the one you are in when calling your website).
If you have access to the server Configuration, you can look for the ServerRoot line.

No .htaccess

If the file does not exists, create it in the directory you want to protect and name it .htaccess. If you use Windows, you might find yourself unable to create a file without a name and just an extension. To work around this issue, open the comamnd prompt (cmd.exe) and type this:
COPY NUL "C:\Path\To\Your\.htaccess"
The quotes are optional if your path doesn't contains spaces.

View Source