Not really a WP question, but I do this with dev sites. I don’t think I can give you an absolute answer as to search engines’ behavior, but speaking from experience, adding authentication like htpasswd retroactively would cause an eventual departure from search results. Adding auth proactively has produced effective results for me. The search engine hits the auth, then is left with a 401 error.
You can also try asking Google to in-undex your stuff if you need to. The site needs to be registered in Google Websmater Tools/Search Console. https://support.google.com/webmasters/answer/1663419?hl=en