Secure Folders: Though Apache has used this approach for some time. Troxo created IIS password which now offers pretty much the same thing for IIS. Though in Windows the MD5 hash is a little different the results are exactly the same. Using an .htaccess file you can provide access control to your website. This is done by creating a .htaccess file in the directory you wish to protect and creating an associated password file as designated within the .htaccess file. You will want to keep in mind that while an .htaccess file does provide a way of restricting access for users accessing your site via a web browser. This can be used to protect your images from being used on other web sites via a link.