I’ll answer this from a security perspective, please add additional detail to the question if you are more interested in the user interaction/UI/etc. side of things.
You could argue that a password protected page offers far less security when compared to a default WordPress user, therefore you might want to setup up one or more very basic user accounts (e.g. user level contributor) and redirect the user to your editing page when they log in. That will probably be easier to manage, than using a password protected page. But I guess that would also greatly depend on the number of clients needing to access the page and the tasks they need to perform once logged in.
Also, as long as you are correctly escaping your database operations and the data included there you should be fine. This should probably suffice to update the database table securely with data received in a POST request (though you’d likely want to do some manual validation/cleaning first):
global $wpdb;
$query = $wpdb->prepare( "UPDATE $wpdb->wpse_88623_custom_table SET field_1 = %s, field_2 = %s, field_3 = %d WHERE id = %d", $_POST['field_1'], $_POST['field_2'], intval($_POST['field_3']), intval($_POST['id']) );
$wpdb->query( $query );