Well, that's just it, it's not that easy. A well-designed system will keep details like passwords and such tucked well away from everyone. The machine(s) that store passwords and such probably aren't even on the net; they're likely connected to an internal, private LAN; you'd have to somehow breach security on one of more of the outer-layer machines, then somehow burrow back into wherever sensitive information is stored. In that light, it's usually a lot easier to acquire information through social engineering, fake e-mails, etc. People are often easier to hack than well-secured servers.
And also, there's a distinct different between LJ storing your LJ name and password (they kinda have to, they're LJ), and some third-party service having access to your name and password. LJ is the trusted entity here... you're using LJ, you use your name and password to access LJ. Frienditto is a third party, and a dubious one at that; with your name and password, they can not only read all the journals of people who've friended you, they could log in and screw up your own journal. That's the core issue here.
no subject
And also, there's a distinct different between LJ storing your LJ name and password (they kinda have to, they're LJ), and some third-party service having access to your name and password. LJ is the trusted entity here... you're using LJ, you use your name and password to access LJ. Frienditto is a third party, and a dubious one at that; with your name and password, they can not only read all the journals of people who've friended you, they could log in and screw up your own journal. That's the core issue here.