Use a complex htaccess password for that sort of thing. Upper and lower case with symbols. If you wish to get really heavy you can do the php thing after with mysql

[simcoweb.com...]

Well, in case you will give access to a small number of members (1, 2, 3) you can put the usernames/passwords in the PHP code - it is safe and easy to edit/update them.

Well, if you plan to expand to a new hundered members, you should use PHP/MySQL.

I want to make a small password protected page/area for someone to update a mysql db - kind of like a very small and simple content management system.

I've recently done this very same thing, using only php. The advantage doing it this way is that you can present page content before the password is required, then the password entry reloads the same page but now displaying whatever you want to display. I think this is secure enough for my needs and the password certainly isn't displayed in the page source prior to it being entered. With .htaccess, none of the page can be viewed until the password is entered.

It's also worth considering making the page in question unindexable by search engines so no-one stumbles across it who shouldn't do.

.htaccess is easier to install and often regarded as more safe
php is typically referred to as the user friendly language
personally i find the best way is to use .htaccess to redirect to a php password protection page, that combines the best aspects of both

PM me or post here if you have any interest in finding out about how to do this

Cheers for all the tips guys.

Helen.