Why do I not want to put all username/passwords in an .htaccess file?

1. simplicity - 4 groups of users, 4 sets of pages, 4 auth username/password combos
2. I'm a little uncomfortable having a few thousand username/passwords in an .htaccess file - this would affect performance, no?
3. if i can just do that, the rest of my code is already mapped out.

There is no need to put all those names in .htaccess. 'require valid-user' will suffice for overall access, and 'require group admin,custodial' to limit access to particular areas. See the Apache docs for setting up the password and group files.

After Compline,
Zaxo