I have tried doing what you are talking about. It worked great, by puting the htaccess file in the data directories that I wanted to protect, but then I discovered that the thumbnails are also stored in the same data directories, which results in the user getting the password box just by entering that category, then the thumbs will not load if they do not have a username/pass.... that's as far as I got.
I have always had a lot of problems using htaccess with this script just to prevent hot linking. I am able to stop other sites linking to spesific files, but I can not stop their users from copying the URL and pasting it in their browser to view a movie file. If I prevent them from doing that, then my own members can not view or download the files. My bandwidth so far this month is about 700GB and it's driving me mad!