in reply to Passing a username/password from HTML to a Perl script
My initial reaction to this post is that I sure hope you're doing all this stuff over an SSL connection. Without SSL, the password protection doesn't reallt even matter.
Sure, htaccess is great, but it's not secure* unless you're on an SSL connection. I use htaccess with SSL all the time.
I guess I just can't stress SSL enough. Especially when dealing with credit cards, SSL is a MUST.
* Exception: Digest Authentication, which probably won't work for you in many cases.