Yeah it's a problem they don't need to have. A few oathy entrances would help. "Login with Google" "Login with facebook" "Login with outlook", etc. If the user's added foo@gmail.com, it's fair to let foo@ to log in with the same identifier.