I do agree with some of your rant, but actually the separate passwords/emails for every location are a very clean implementation of multi tenant client login.
I'm not sure how well it is implemented in the backend, but if it is safely separated in the database while having the current UX it's actually really well designed.
A "clean" multi tenant login separates the person from the account. There's no reason for a person to have a direct 1:1 mapping with a system user or account.
I'm not sure how well it is implemented in the backend, but if it is safely separated in the database while having the current UX it's actually really well designed.