Well I did a little digging and found the reason this occurs. This is straight out of the Apache manual:
Why does it sometimes ask me for my password twice?
When entering a password-protected web site for the first time, you will occasionally notice that you are asked for your password twice. This may happen immediately after you entered the password the first time, or it may happen when you click on the first link after authenticating the first time.
This happens for a very simple, but nonetheless confusing, reason, again having to do with the way that the browser caches the login information.
Login information is stored on the browser based on the authentication realm, specified by the AuthName directive, and by the server name. In this way, the browser can distinguish between the Private authentication realm on one site and on another. So, if you go to a site using one name for the server, and internal links on the server refer to that server by a different name, the browser has no way to know that they are in fact the same server.
For example, if you were to visit the URL
http://example.com/private/, which required authentication, your browser would remember the supplied username and password, associated with the hostname example.com. If, by virtue of an internal redirect, or fully-qualified HTML links in pages, you are then sent to the URL
http://www.example.com/private/, even though this is really exactly the same URL, the browser does not know this for sure, and is forced to request the authentication information again, since example.com and
www.example.com are not exactly the same hostname. Your browser has no particular way to know that these are the same web site.
