if you use .htaccess files, as you suggest, then changing the access restrictions doesn't mean you have to restart the server. It sounds like all you need is to throw together a friendly front end.

There are two CPAN modules that will do nearly all that work for you: Apache::Htaccess and Apache::Htpasswd provide object-oriented interfaces to their respective files and the usual directives, and should make changing authentication policies and adding users a very simple job.