Thanks for the tip!
Both seem flawless, but a lot of work on the other hand. I decided to use this: http://www.zubrag.com/scripts/password-protect.php
It’s not a plugin, but it blocks acces to the index.php and forum.php. The topics can still be read by anyone who knows the URL, but I used a robots.txt to make sure the site will NOT be indexed by google or any other search engine.
So I guess I’m more or less safe. But it isn’t all that super secure. Hopefully there will be a similar plugin for this once.
If I delete index.php I can still access all topics by typing their specific URL. (And I guess google can still index them)
So I guess password protecting just index.php is not sufficient..