If you use htaccess/htpasswd to password protect a directory, then any attempted access to the file will prompt for a username/password, even if it's just an image embedded in another page somewhere.
What you could do is, assuming you have an index file for the directory, use a simple password script on the index before you're allowed to view the images/etc. Since the index file is what's loaded when a user enters a directory name, this would theoretically work... Then, to get a directroy listing, you'd just have to make the index.html/.php (probably php if you're doing password protection) file a directory list with links to every file.
The reason you can't use htaccess/htpasswd passwording to only prevent directory listing is because they assume you only want authorized people to view the folder's contents. If you link the images somewhere, people could just click the link and see the file (if it didn't protect everything in the directory).
So yeah, that's a long way of saying that, as far as I know, you can't do exactly what you want, but you can do something that could work.