When you protect a directory on your site, you limit access to it by requiring that users enter passwords to access files in the directory. When you do this in the Site Administrator control panel, an htaccess file (HT is derived from hypertext) containing permission information is created.
The htaccess file contains information about the authorization name for the directory, and the names of the groups who are allowed to access files contained within this directory.
Another file, which contains individual user names and passwords (HT user accounts) of users who belong to the group, is also created. When a user attempts to access a protected directory, the Web server first verifies that the user is included in a group listed in the htaccess file, then prompts for a user name and password before verifying and granting the user access to the directory.
Note: If you have FrontPage Extensions enabled on your site, you use the FrontPage Extensions interface to protect directories.