Basic Authentication for a directory

I have a small server, and i do not want everybody browse all of directories. It will cost alot of bandwidth.
I want some people can see a directory after logging in.
Php code can be a solution but it takes time. Luckily, using .htaccess can be a good solution although the security might not be good.
Steps :
1. Edit httpd.conf
Add these following lines :

<Directory "Location of directory">
 Options All
 AllowOverride All
</Directory>

2.Generate Password :

htpasswd -c .htpasswd user_name

3.Create .htaccess and put it into your designated directory
.htaccess :

AuthType Basic
AuthUserFile "/path/to/.htpasswd"
AuthName "MemberCertification"
Require valid-user