It depends on how many members.
For more than you ever wanted to know about the so-called ".htaccess" method:
http://httpd.apache.org/
I need to point something out, the ,htaccess method requires a password file, you should make absolutely certain this password file is kept OUTSIDE WEB SPACE. I've seen the mistake of storing the password file on the same site it protects many many times.
For more than you ever wanted to know about this problem, please see this PDF I've written:
http://www.geniegate.com/art/pdf/keep-it-off-the-web.pdf
It is a really common problem.
If you have a lot of members, using .htaccess will get tiresome (you'll constantly be maintaining passwords) to that end, you can install a complete user management package.
Here are a couple of them:
Amember: (I've had no experience with it)
http://www.amember.com/
GenieGate: (Full disclosure: I wrote GenieGate)
http://www.geniegate.com/listings/dolphin/
User management packages can be rather complex, but provide things such as password reminders and paid access areas.
One thing you may wish to consider before using the login box type of password protection is that spiders won't be able to access your site. This can greatly hinder people from finding you (as search engines won't work!)
For this problem, you can employ password protection methods that provide the content as normal, but require your visitor to be "logged in" before they are permitted to POST anything. A kind of best of both worlds. (but is more involved, it requires server-side scripting)
Alternatively, since your main concern is spammers, you might check into those (awful) CAPTCHA codes. These are typically images with numbers and a form box asking the visitor to fill them out. To "prove you're human".
CAPTCHA codes will keep out the "spam bots" but, unfortunately, they aren't blind friendly (unless you use audio files) and aren't very convenient.
Jamie