Implementing username/password authentication on the server side requires external plugin or script, which you have to compile, write yourself or find somewhere and adapt for OpenWrt.
Actually, nobody uses it on their own server, because it's security level is negligible compared to certificate-based authentication.
And private key password protection is entirely different from username/password authentication.
But most likely you don't need it too, because utilizing it leads to additional potential issues.