You need to put two files within the directory you want to protect to do that, first one is .htaccess with this content:
AuthName "Secure Area"
After that, you need to run this:
htpasswd -c .htpasswd your-user-name
To generate the second file .htpasswd in where users and hashed passwords are stored. The -c option clears the file so if you want to add additional users later just remove the -c option:
htpasswd .htpasswd your-user-name
The '.' in front of the file name makes it hidden so that users can't view the content of your .ht files.