Htpasswd for admin-plugin?

Is there a way to secure the /admin url with htpasswd?

Since ‘admin’ is not a folder in the file system I can’t drop a .htaccess/.htpasswd file there…

In the documentation there is a description how to rename the /admin slug. Is this the only way to make the admin plugin more secure?

I have not tried using an apache protected area, but for example you can allow access only from your IP adding in your .htaccess:

<files admin>
    order deny,allow
    deny from all
    allow from your-ip-address

Since my IP changes it’s not a solution for my case.

Would you say changing the ‘admin’ slug is secure enough?

I guess it depends on your slug… At least 8 characters maybe: 1aD-*nY7