You would want to protect directories that you only want certain people to access. Many times subcription newsletters will password protect their monthly newsletter and send out a password to their subscribers. Content you only want friends or family to see may be another or if you are developing an intranet on a corporate site could be another. There are many reasons for doing this....you name it.

protecting an interface to a database is a way i use one....

Many thanks, James. The marvelous thing [to me] is that I actually understand what you told me. I asked my web host the same question & here is his reply...

"It is for password protecting areas of your site with basic HTTP authentication."

Was the fact that I didn't understand the above primarily due to my noob status [probable] or was they guy trying to dazzle me with foot work?

Oh... and WHAT is "HTTP authentication?"

Aloha from Hawaii,
Bellgamin

It's the standard way of password-protecting directories.

HTTP stands for HyperText Transfer Protocol. It's one way browsers and servers communicate, and is used for websites: this is why, if you look at your address bar, it begins with http://...

Basically, the client (i.e. your browser) sends a request to the server for a particular file. An HTTP request typically looks like this:
[code]
GET /index.html HTTP/1.0
Referer: http://mysite.com/sitemap.html
Connection: Keep-Alive
(etc etc etc...)
[/code]

The server then sends an HTTP response which begins with a code telling the browser whether the request was successful and what action to take next. Common responses include:

200 OK (meaning: the request was successful, and here is the page)
404 Not Found (the dreaded "File not found" page)
410 Gone (the page has been permanently removed)
500 Internal Server Error (usually there is an error in a server-side script)

The code that interests us here is:

401 Authorization Required

When the client receives a 401 response, it will prompt the user (you) to enter a user name and a password. This is then sent back to the server, which checks to see if everything is OK and that you do indeed have access to that directory. If all is well, it sends the page with a 200 OK code. Otherwise it sends back an error code and refuses to deliver the page.

HTTP is not the only protocol on the Internet, by the way. There is HTTPS, used for secure transactions (you usually use this when sending credit card details, for example), FTP for uploading files onto the server (can be done with HTTP, but not efficiently), WAP for, well, WAP sites, News for newsgroups and some other rarely-used protocols such as Gopher.