LWN uses usernames and passwords: are the developers of this site lazy, too?
In fact, MoinMoin supports a variety of single sign-on technologies and alternative authentication mechanisms that don't involve having to be concerned about how you, as the person deploying the Web application, will store your user's passwords. That said, you then have to integrate applications with the authentication infrastructure which is sometimes easier said than done. And for a lot of sites, if you go for something like OpenID, you also have to tell your users to go and make identities with other services who will, of course, want you to provide credentials that they store in a hopefully secure fashion.
It also doesn't help that the various single sign-on technologies are a stew of continuously changing aspirations, features and the occasional nod in the direction of backwards compatibility. Coincidentally, I am currently investigating one of the favourite federated authentication technologies and the available Free Software client (relying party) and server (provider) solutions, and it's hardly surprising that most people would rather not even look at such things given the breadth of homework required to not only figure out what the solution is supposed to be doing but also to deploy it correctly with only minimal and vague documentation (and not to mention fight with bizarre Web framework behaviour).
So yes, we could encourage everyone to not write their own password storage code and instead delegate authentication to other services or, at the very least, to well-documented, portable, easily-deployed libraries that everyone knows about, uses and supports. However, until such time as the grunt work involved in delivering these usable libraries and services has been done - a prime candidate for paying people instead of having them or others paid to ruin the Linux desktop, or whatever it is that we like to complain about - one can't blame Web application developers for working within the constraints of their domain - presumably not getting paid to do everything in the absolute best way possible while also meeting demand for new features and the stuff people also want (because they saw Facebook do it, or whatever) - and providing the option for only moderately secure password storage.
I think we'd all like to be able to do everything to the best of our ability all the time. Unfortunately, no-one ever seems to pay the rates required or permit the necessary working conditions, at least in my experience.