I'm a bit skeptic that this would add another level of security. If your main password was stolen, it's just as likely that any other password you have also did. Maybe it would add another level of inconvenience.
Have you tried simply adding both files to the /admin directory? I don't see a reason why it shouldn't work.