As far as logout, .htaccess won't help you much... generally, the only way to log out is to close the browser window (unless there is an obscure PHP function that will clear the HTTP Auth information, which is stored in the browser, not the server as I incorrectly stated before)... maybe a header() function.
For security, .htaccess will adequately protect a page as long as no one's "listening" to your Internet connection, since the username and password are transmitted in plaintext. Personally, I use cookie authentication with a MySQL database (which doesn't improve the security... the only real way to increase security is to connect using an SSL connection). With cookie authentication, you can log out by deleting cookies, and you can make it easier for yourself by not having to type the information every time you want to access this page from your own computer (if you so choose; PHP has functions for either session cookies or time-expiration).
For added security, I use the md5() function to hash the password before it's transmitted, and then compare it to the hash of the password returned from the database for that username. I also use a "secret phrase" (hashed along with the password) to prevent guessing. Of course, every person has their own style of authentication, but this is more likely what you want since it ensures that (as long as the cookie is deleted) no one will "accidentally" log on after you.
Hope it helps!