A https connection and password protection are two separate things.
What I do is have my login page for my password protection within the https protection. I actually use the mysql logins. This way to even establish a connection to mysql you need a valid login, also you can then restrict people by who they are rather than doing it in code.
So get https working, and then worry about password protection within your site.
Try this Tutorial on Apache and SSL
to get you started.