I completely agree with you.
There has been a whole topic dedicated on the subject in the dev forum (Two passwords for login process) and a majority of people didn’t like 2 passwords and would prefer a name (call it common name, account name, pet name, friendly name …) and a password.
IMO the traditional solution (name + password) and deriving both the location and encryption/decryption keys from these 2 elements was the way to go. I argued here and here) but I failed to convince MaidSafe. Maybe you could revive this topic and be more successful than me.