If you're using Apache as your webserver,
I suggest you check out the
Apache::AuthenPasswd module.
There are many other Apache:: modules for authenticating
against lots of other types of sources: SQL, LDAP, NIS, etc...
I'd much rather leave out dependency on the webserver
being used. Although 90% of the people will be using
apache, we don't want to risk excluding others.