Details of how to add password authentication to mosquitto is discussed in the mosquittto.conf man page.

You have 2 choices, either setup a pair of acl & passwd files or add JPMens' plugin to allow the ACL/user/passwords to be loaded from a database.

For a cluster the correct approach would be to user the plugin so all the instances of the broker are kept in sync. Setting the up the plugin is covered on it's github page here. How to set this up in a Kubernetes pod is going to be a complex task.

Since you say you just want to test, then using the mosquitto_paswd command to create a passwd file and building a acl file then copying both these into the filesystem for the pod will be the best way to test. You will need to add the acl_file & password_file options to a file in the /etc/mosquitto/conf.d directory.