Sounds like <LocationMatch> [httpd.apache.org] is what you're looking for; something like this, perhaps:

<LocationMatch "^/path/to/images($¦/$)">
 AuthType basic
 AuthUserFile /path/to/.htpasswd

 (other auth directives here)

</LocationMatch>

Hmm..
I've been trying this for awhile, but no matter how many times I try fixing this code I can't get it to work (please bear with me, i'm a htaccess newbie).

I want the public to be able to view the images on ebay, but I don't want them able to be browsing the directories..

Here's a copy of my current .htaccess. If I remove the #'s, I get a 500 internal server error. With the #'s in, I can browse with no username/password needed.

#<Directory "/home/sites/blah/web/ebay">
Options +Indexes
#AllowOverride All
#Order allow,deny
#Allow from all

<IfModule mod_autoindex.c>
# image types
AddIcon /icons/small/gif.gif .gif
AddDescription "JPEG image" .jpg .jpeg
AddDescription "GIF image" .gif
AddDescription "PNG image" .png

AddIcon /icons/small/jpg.gif .jpg .jpeg .png
AddIcon /icons/small/a.gif .ps .ai .eps
AddDescription "vector (scalable) image" .ps .ai .eps

AddIcon /icons/small/back.gif ..
AddIcon /icons/small/hand.right.gif README
AddIcon /icons/small/dir.gif ^^DIRECTORY^^
AddIcon /icons/small/blank.gif ^^BLANKICON^^

AddDescription "Directory Folder" *
</IfModule>

#<LocationMatch "/home/sites/blah/web/ebay">
#AuthType Basic
#AuthName "Private Access Only"
#AuthUserFile /home/sites/blah/web/_private/.htpasswd
#</LocationMatch>
#</Directory>

If you're getting an Internal Server Error, the cause is almost invariably logged to your errorlog.

Thanks, it looks like this is what i've been looking for. It only asks for a password if there's an "/" at the end of the URL.