it requires that you generate a password hash too, so perhaps rather than fiddling with it manually, you might try a plugin which does it all for you.
I'm not endorsing this plugin, it was simply the most recent one I could find, so it's very likely compatible.
What looks to be another cute little plugin will lockdown the login page for an hour, upon a number of failed attempts. This will dramatically reduce the chance of your password being compromised by brute force.
There's plenty of information to be found via google on how to do the htaccess/htpasswd stuff manually if you like, though.
Also, if you're really concerned about sending your passwords etc by clear text, you can go nuts and enable SSL on your admin area with this... though I don't think it's really necessary.