I faced the same issue, and resolved it by changing the .htaccess file permissions to 644 via File Zilla.
If you are not comfortable creating .htaccess files by yourself, i would highly recommend The AskApache Password Protect WP Plugin. It can be found here: AA PassPro.
It would create the .htaccess files in the root and the wp-admin for you can gives you a awesome list of protection options for WordPress from BOT attacks. Make sure you follow the instructions and go through the diagnostic test the plugin goes through to check your webhost capabilities and guides you, which options to select.
If any options creates issues,just re-edit .htaccess through FTP and dont enable the same option next time in the plugin!
This is a good step towards protecting and securing WordPress!
Hope this help.