Although both .htaccess password protection and WebDAV are both set up from the same panel page, WebDAV is not at all involved with the .htaccess password protection process. Just make sure you don’t check any of the “WebDAV” stuff on the panel page.
You can always just rename your existing .htaccess file to something (orig_htaccess, for example), use the panel Password Protection tool to set up you .htpasswd file and manage your user/password combinations (which will create a new “.htaccess” file), and then merge the contents of your original .htaccess file into it with a text editor.
At least that way you will know that you have correctly encrypted passwords and valid entries n the .htpasswd file.
How did you encrypt the password(s)?
I can’t comment on your permissions (I don’t know how they are set), but you could put the ‘AuthUserFile’ anywhere you want and it shouldn’t make any difference as long as you have detailed the full path correctly in the .htaccess file.