It doesn't seem to matter what I use for this, as long as it's the same in both the server config and the authorization file, but I was wondering if someone could tell me what it actually means.

A web search brings up a lot of documentation about authorization, but no one seems to bother mentioning why realm is included rather than just a username and password.

The AuthName directive sets the Realm to be used in the authentication. The realm serves two major functions. First, the client often presents this information to the user as part of the password dialog box. Second, it is used by the client to determine what password to send for a given authenticated area.

So, for example, once a client has authenticated in the "Restricted Files" area, it will automatically retry the same password for any area on the same server that is marked with the "Restricted Files" Realm. Therefore, you can prevent a user from being prompted more than once for a password by letting multiple restricted areas share the same realm. Of course, for security reasons, the client will always need to ask again for the password whenever the hostname of the server changes.


if using apache
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#What_is_a_Realm?

it's one more level of security on webservers.

Thanks for that. It makes a little more sense to me.
I'm going to assume that since my website is extremely minimal, serving only static pages, and the authentication is only for a couple of directories that share additional static content to a couple of people, I can leave it as is and just use an arbitrary string for the realm without being concerned about the complexities of its more advanced uses....which I may or may not ever have reason to use in the future.