First, you have to create a file called .htaccess in the directory you want to password-protect:
AuthName "Members Only"
<limit GET PUT POST>
Then create the file /path/to/your/.htpasswd which contains the users that are allowed to login and their passwords. You can use the htpasswd command for it:
htpasswd /path/to/your/.htpasswd user1
htpasswd /path/to/your/.htpasswd user2
Obviously you have to adjust /path/to/your/.htpasswd