I'm installing a program written in PHP. In the installation instructions it says, "Make sure your /admin/ directory is password protected. If you don't use HTACCESS to protect those files, you need to implement your authentication yourself."

I know neither how to use .htaccess to password protect a single directory, nor how to "implement authentication". Could someone guide me in the right direction and tell me how to do one or the other? (I do use .htaccess files on a regular basis, but only to do things like set up 404 pages, stop web stripping bots, stop image hotlinking, etc.)

This isn't really a PHP question, but I can't think of a better place to put this.

Here's an example.

A couple of changes I would make:
1) Place the .htpasswd file outside of the web document tree, not in the same directory as the .htaccess file as that example suggests.
2) When using the htpasswd command, add the -m option, so that MD5 encryption is used, rather than the default crypt encryption.

Thanks for the answer, Dave. I knew the .htaccess stuff wasn't a PHP question, but I wasn't sure about the "implement authentication" thing (as I'm not familiar with that term). I'll follow some of the instructions at the link you provided.

"implement authentication"

That probably refers to a situation in which you can't use .htaccess files. For example, if you weren't using the Apache web server, or if Apache weren't configured to allow you to use .htaccess files, then you would need to find a different method for protecting the directory.