This post goes out to the small minority of users that password protect their wp-admin directory against hackers via htpasswd files and the like. While I believe that using htaccess files to password protect the /wp-admin folder is a great idea, it does have it's drawbacks.
Bettwer WP.net says: "There is one major drawback with this method, that is your normal visitors will also be prompted to provide the same pair of username/password you just choose when they fail to comment or when they login or signup. WordPress causes this issues because it requests for media files inside the wp-admin folder."
To those of you using this method, I encourage you to look at this post on betterwp.net as it's directed towards you.
FYI, no this isn't a sponsored link lol, just figured I would show you guys how to fix this as I don't believe that using the old AJAX methods in the plugin is safe.