Can you share your whole nginx config? It will make answering this question with greater certainty easier.
I believe you can add this to your nginx config to disable basic authentication for the folder that the HTTP-01 challenge responses are placed for verification by Let's Encrypt:
I'm not an nginx configuration expert so please take my suggestion only as a starting point. Make sure to check your configuration for syntax errors after making the change by running nginx -t -c <your config file>.
Another option might be to switch to using certbot’s --nginx plugin, which uses TLS-SNI-01 and doesn’t require access to the .well-known folder at all.