maybe you know that in hfs you can set user/pwd for each file, you are not limited to user accounts
1. hfs for now doesn't keep track of all those user/pwd, so doesn't know if a login is useful or makes sense. so if the user is not in the user accounts, it just accept it.
2. there is no risk in accepting any login, because this doesn't mean it can access resources
3. there is a little problem in the fact you could have a user account A/B associated to a file, and after setting a user/password A/C for the same file. HFS should accept both passwords, give access to the file, but knowing that they are different identities, because the user account may have more options associated.
anyway, i already planned to change this in next versions, and HFS will accept only logins actually used in the VFS or in user accounts.
