Though, as mentioned above, you have some pretty restrictive and rather silly requirements, I propose another solution- cookies or random URL IDs (remember, or is not mutually exclusive). Then, you could feed info about an otherwise unserved (via httpd) directory through a CGI to the person who enters the right password. Additionly, such a person would be potentially able to download files that would be otherwise inaccessible by httpd.

But be warned, this is a blatant security hole (you are simply circumventing everything that the httpd stands for) and I certainly must concur that using built-in security modules is the REAL solution. There are several modules that provide basic authentication to medium and maximum encryption solutions which are free and easy to install. Why not take a look at those instead?

AgentM Systems nor Nasca Enterprises nor Bone::Easy nor Macperl is responsible for the comments made by AgentM. Remember, you can build any logical system with NOR.