I have some (mildly) sensitive personal information in a database that I would like to be publicly accessable via the web and CGI. It will be username/password access only. What is the best way to go about this? I'm asking about things like .htaccess and .htpasswd, or https. It isn't so necessary that we have to do 128 bit https, but at the same time, the users will want some security.
As far as https goes, I've never used it before, and would have to set it up myself. Are there any concerns I need to be aware of?
Also, how well does .htaccess work for protecting CGI scripts.