What you would normally do in apache with an .htaccess file, nginx requires a different approach.
In sites-enabled, edit your site’s config file by adding the following inside the server block
location = /secret-folder {
auth_basic "Restricted";
auth_basic_user_file /usr/nginx/htpasswd;
}
Make sure you create a htpasswd file in the correct location.
htpasswd -b htpasswd NewUser NewPassword
Very useful nginx wiki.
Good Luck!