Password protecting a domain using .htaccess

[dil_bert]

hello dear experts, 

i am currently trying to achieve password protect a domain and all of it's subdirectories and files, but my knowledge on the matter is very limited, how can I go about doing that?

i want to do this for a wordpress site - in other words:; i want to passwordprotect a site ;  i guess that this is a simple two step process  - In the .htaccess i think i can put

AuthType Basic
AuthName "restricted area"
AuthUserFile /path/to/the/directory/you/are/protecting/.htpasswd
require valid-user

for the password generation i can use 

- the passwordgenerator of python or 
- the passwordgenerator of keepass or i also can make 
- use of http://www.htaccesstools.com/htpasswd-generator/ or simpliy 
- command line to generate password and put it in the .htpasswd

Note 1: i am using winSCP or filezila to put it to the server - btw. should i do more confifguration; e.g. configure in the security section "Password Protect Directories"

then propably we need to do a AllowOverride All to the directory of the .htaccess (or at least to previous ones) in http.conf followed by a apache restart

<Directory /path/to/the/directory/of/htaccess>
      Options Indexes FollowSymLinks MultiViews
      AllowOverride All
</Directory>

note:  what if i want to have this protection in a special way - so that i can 

- call the domain 
- open the passwordprotected site - and have access to the site for 2 or 3 hours 
- is this possible?!

note - generally i have learned that i can passwordprotect a directory served by Apache via  a .htaccess file in the directory we want to protect and a .htpasswd file that can be anywhere on our system that the Apache user can access (but put it somewhere sensible and private). 
is it a good idea to put .htpasswd in the same folder as .htaccess. The .htaccess file for the wordpress already exists:  if it would not exixt i should have to create it and insert:

AuthType Basic
AuthName "Your authorization required message."
AuthUserFile /path/to/.htpasswd
require valid-user

Then we should create a .htpasswd file using whatever username and password we want.  And yes: The password should be encrypted. 

note: i am on a Linux server, - well here we can use the htpasswd command which will encrypt the password for us. Here is how that command can be used for this:

htpasswd -b /path/to/password/file username password
    

the question is: how to achive that: what if i want to have this protection in a special way - so that i can 

- call the domain 
- open the passwordprotected site - and have access to the site for 2 or 3 hours 
- is this possible?!
 

[requinix]

Please, PLEASE do not make me answer your implied question about where you should generate a password. Because I will not be polite.

AllowOverride is about whether (sub)directories can use .htaccess files.

This sort of authentication is automatically remembered by your browser. You don't have to do anything to make that happen.

Passwords are not encrypted. They are hashed.