Improve documentation related to HTTP Basic Authentication.

Fixes https://github.com/marcoskirsch/nodemcu-httpserver/issues/71

README.md

@@ -65,12 +65,13 @@ Let the abuse begin.
 
 4. How to use HTTP Basic Authentication.
 
-   Enable and configure HTTP Basic Authentication by editing "httpserver-conf.lua" file.
+   Modify variables in configuration file httpserver-conf.lua in order to enable and to configure usernames/passwords.
+   See comments in that file for more details.
 
    When enabled, HTTP Basic Authentication is global to every file served by the server.
 
    Remember that HTTP Basic Authentication is a very basic authentication protocol, and should not be
-   considered secure if the server is not using encryption, as your username and password travel
+   considered as secure since the server is not using encryption. Username and passwords travel
    in plain text.
 
 ## How to use server-side scripting using your own Lua scripts

httpserver-conf.lua

@@ -4,12 +4,14 @@
 
 local conf = {}
 
--- Basic Authentication Conf
+-- Configure Basic HTTP Authentication.
 local auth = {}
-auth.enabled = true
-auth.realm = "nodemcu-httpserver" -- displayed in the login dialog users get
+-- Set to true if you want to enable.
+auth.enabled = false
+-- Displayed in the login dialog users see before authenticating.
+auth.realm = "nodemcu-httpserver"
 -- Add users and passwords to this table. Do not leave this unchanged if you enable authentication!
 auth.users = {user1 = "password1", user2 = "password2", user3 = "password3"}
-conf.auth = auth
 
+conf.auth = auth
 return conf