My two cents . . .
A lot of people on this board seem to be having a problem with this -- I did too.
For those running on a virtual server:
Reading the NCSA tutorial will only get you so far. All these poor guys are wondering why you're having such a problem and keep referring you there. But there are modifications you have to make to the NCSA instructions in order to create password protection for a directory on a virtual server. Refer to your ISP's documentation on the correct path to use in a Telnet session for the creation of access and password files.
If all else fails, place the access information in your server's main access configuration file (normally access.conf, if you have it; httpd.conf if you don't -- but again, refer to your ISP's documentation for your own virtual setup) and restart the server.
I felt my way through this on my own. Hope this helps some of my fellow virtual administrators.