I totally agree with this and I have argued many times that account location should be based on username + password instead of on only on element (secret). Last time was here.
Your remark about plausible deniability is an additional argument for this.