.htpasswd is a flat-file used to store usernames and password for basic authentication of Apache HTTP Server. The name of the file is given in the .htaccess configuration, and can be anything, but ".htpasswd" is the canonical name. The file name starts with a dot, because most Unix-like operating systems consider any file that begins with dot to be hidden. This file is often maintained with the shell command "htpasswd" which can add, delete, and update users, and will properly encode the password for use (so that it is easily checked, but not reversed back to the original password).
The file consists of rows, each row corresponds to a pair of username and hashed password separated with the colon in between. The hash is typically "UNIX crypt" style with MD5 or SHA1 as common alternatives.
Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htpasswd. Htpasswd file can be used to protect the entire directory it is placed in, as well as particular files.