I wouldn't recommend it. One reason is that anything in the URL goes into the Browser's history list. That means that if someone logs on at a public library, the URL with the password would be available for anyone else who came along to use. Or if someone left their machine unattended for a few minutes, you could look at the history list. People also email or post URLs to one another. The site would quickly become open.
One solution, widely used, is to store a cookie on the user's machine that gives them access. If the cookie isn't present, then they have to log in. Notice that this is used here at WMW.