As they get password when signed up with Ecency, it is only natural to tell them login with credentials they received. Security aspect of it should be handled by apps and websites, for example person might use master password to login but app gets private posting key from that and use that instead.