I understand what you are saying till, but a client never will.
You should also consider that when a site is "hacked" it's usually because some trojan has gleamed the access from some application on a users computer. In these instances having multiple logins in ftp apps, email apps or web design apps just means the hacker gets multiple logins and passwords not just one. Also most clients will do something stupid like create ftp logins like "mysite1" "password", "mysite2" "password" and so on... We have clients with hundreds of email addresses and they set every single one up with the same password and allow only the top level executives to change/create their mail password - the normal users have the generic one so the bosses can check their mail if need be.... great "security" that is... not
You can never beat the client, they will always think of something even more silly no matter what you do to try and secure the system for them.
Personally, with ftp, our policy doesn't rely on the username/pass, it relies on access. Generally on most server systems, ftp access is granted on client request and also limited by an IP subnet the client is on. Which reminds me I have to read up on how to do this in pure-ftpd - I always used proftpd-mysql in the past.