encyclo - 3:14 pm on Nov 20, 2003 (gmt 0) (Note I'm not a UNIX guru, so I may not have explained this well.)
Maybe I'm missing the point, but what are you trying to protect? A .htaccess file will only protect files accessed via HTTP. An example: on a shared UNIX/Linux/FreeBSD server (used by many sites), all the users tend to belong to the same group. By default, directories are created with the permissions set as 755, and regular files as 644. This means that anyone with shell access (as a regular user, not root) to that server will be able to read all your files, including those "protected" by your .htaccess. They would have no need to decrypt your .htpasswd file. Unless you're on a fully dedicated server, you should set the directory permissions as 701 and regular files as 604, so that the group does not have read access.
(Note I'm not a UNIX guru, so I may not have explained this well.)