Having some trouble getting this set up, I'd guess it has to do with my path to my password file. AuthName "Restricted Area" AuthType Basic AuthUserFile /username/.htpasswd AuthGroupFile /dev/null require valid-user I've placed the .htaccess file in the directory I want to protect, and that seems to be working. I just can't get username and password working. Can anyone confirm or deny my AuthUserFile location? If my resold account username is SPOT, wouldn't the path name be /SPOT/.htpasswd if I dumped the password file in the root of my resold account?? Thanks in advance.