found the reason for basic auth not working correctly: sha1 hashed pwds apparently don’t work anymore (on my box). thx to Jouser, quasi, gryzor on #apache for hints.
now i’ve regenerated the htpasswd file using md5 hashes instead (work-around). mind that md5 is considered to be less secure than sha1 in general (see e.g. this posting). for numlock.ch, security is good in either case as nobody except yours truly is supposed to have access to those hashes anyway.
regarding the citation you find in the upper right corner of this site: Jouser pointed me to this shopping page on cafepress. funny :)