The HTTP Authentication plugin works simple but adequate. Once published, every visitor to your Joomla! site is asked for an username and password through a HTTP Authentication popup. The Joomla! frontend is only accessible when HTTP Authentication is granted (by using the regular Joomla! login-system).
The plugin has few parameters. The parameter Redirect determines where the user is redirected to after authentication. The parameter Include IP can be used to define a list of IP-addresses that are allowed authentication through this plugin. This allows you to put your site offline through the Global Configuration, replace the offline.php file of your template with a nice under-construction-message (without an ugly login-form) and then use the HTTP Authentication plugin to allow yourself as developer access. Likewise the Exclude IP parameter can be used to give yourself more direct access.