So from her second paragraph, the problem could be stated as some users may have used the email/password parameters without understanding the risk. So instead of removing them, why not add a -acceptrisk parameter which requires the user first go through a one-time risk acceptance page on their account screen to get a unique code value to put into that parameter. This way users that are willing to accept the risk can still do so and people that do not understand the risk won't be able to use them without first going through the process (which hopefully will also educate them on the risks). The funny thing is I have been playing the game for years and wasn't even aware of these options until I saw this thread. I do have a second mule account which I log in to on occasion, but entering the credentials hasn't really been an issue for me. So I am only providing my input from a purely problem-solving perspective.