Let's see if I can help get this sorted out. Having carefully read your post, one thing that comes to mind is that thing might actually be working for you as expected, but you are not able to see it because of the way Apache basic authentication works with your browser.
Once a user has successfully passed an authentication dialog, apache will not ask again while that browser is open unless/until the .htaccess file is changed. This can easily lead you to believe, when you are setting things up, that the authentication routine is not working when it actually is; only by closing your browser and trying again to connect to a protected area can you be sure that it is, or is not working.
The use of wysiwyg software might be complicating your issue slightly in some subtle way, though it really should not have anything to do with the authentication stuff. I am, however, confused as to what you mean by "the only appropriate options for links seem to be "file" or "audio file" - a link is just a link, adn I'm not sure how/what/why the software makes any distinction as to what the link is to.
If I understand this correctly, that "members' page" is not protected, but only lists links to each member's "private directory", and those directories are what are to be protected via .htaccess. Is that correct?
Yes, they must be "somehwere" beneath your "web base directory" to be accessible from the web, but they do not have to be immediately beneath your "top" directory.
This is a bit confusing to me, as I initially had though you were just providing links to the members directory as opposed to an individual file, but either way, if the file is placed in a directory that is protected by .htaccess, then the authentication dialog should be presented the first time a user click a link the links to the file.
It could be any, or a combination of, those things that are causing your unexpected behavior - it's really hard for me to guess from your description what may be happening. Also, what "automatic generator utility" are you using to "create the code"?
You could certainly consider just using the DreamHost provided Control Panel tool fro password protecting directories to get you started easily (that what it is for) and then move thing around if you desire, or leave them as DH sets them up.
It should make absolutely no difference at all - as long as the directory ends up on your server the end result should be the same.
I'm confused by this question; whether or not you create a separate page or not is not relevant, only the location of the page/file/etc. to be protected - they must be in a protected directory for the authentication to take place, whether a file, or a page, it matters not.
Ha ha , well, I still have some patience left, and I'd like to help you, but I admit I'm confused about the details of what you are describing in a few places, and "the devil is in the details." You might consider posting a url to your site (using dummy data files) so we can see what you have structured rather than just relying upon your descriptions - sometime stuff is lost in the translation. Alternately, you are welome to PM me with a url if you would like for me to look at it but do not wish to publish your url in public.
What "wysiwyg" software are you using? Some such software (most notably iWeb) tends to "mess with" a sites directory structure as it "builds a web", and this could be having an impact on your efforts.
In a nutshell, what it seems you are trying to do is to have a structure that looks something like this:
and you want the member1 and member 2 directories to be password protected.
To do this, you put the .htaccess file with the authentication directives in those directories. Then, if you wish, you can either put a page in each of them (index,.html) to link to each of the files, or just let the files display in a directory listing for the user to "click" - either way, those files will not be visible to anyone who does not pass the password dialog.
Does any of this help at all?