Edit: Many of the phone/mobile browsers don't have basic-auth. But, Firefox mobile is compatible and Some chrome versions can do it. So, the eventual solution was to simply download a compatible browser.
It seems recommendable to put a note like that into the [unauthorized] section of an hfs template. So, instead of no explanation, the user could have a note on what to do to achieve login.