I appreciate you trying to make it easier for users to remember their login/identity/site key/access code/whatever, but this may actually be making it harder.
Since we have all had years to figure out how to manage logins across many different sites that do not coordinate, we've all solved this problem in one way or another, but the solutions are based on finding efficient ways to manage userid's and passwords.
Mine for example is that I use a set of three userid/pwd pairs. Pair 1 is simple userid/simple pwd, for throwaway accounts I don't care about. Pair 2 is moderately complex userid/pwd for sites I use frequently but could afford to lose/be hacked/whatever. And Pair 3 is highly complex userid/pwd for online banking and other secure things that need the highest penetration barrier.
Since I can easily keep three in memory and apply each one based on how I categorize the website in question, I never forget my logins to any websites, no matter how frequent or infrequent I use them. Nor do I ever have to write down or otherwise record my login info, anywhere, since it's easy to remember just three. Further, if one my lower level userid/pwd pairs is cracked, it doesn't compromise the critical one.
For your site I would have simply use Pair 1 or 2, problem solved. However, your pass phrase method presents a problem - I can use one of my passwords in plain text, which I'm obviously not going to do, or I can think up some pass phrase that is unique to your site, not part of my system, and hence easily forgettable.
I have no idea what other systems people use to manage their logins across the tons of websites in use these days, but I'd suggest relying on your users (especially since they're 100% savy HN users) to have already solved this login problem. Leverage their solutions by using the norm. Or use OpenID, which is another solution to this problem.
For me (since there is no content generation) I just used my username. I agree with the creator that this method is worth trying since there really is no reason to need the security of a password. This solution eases the effort spent coding and the effort spent signing up at virtually no cost. Sure it's not perfect but for a site like this I think it was certainly worth trying.
Since we have all had years to figure out how to manage logins across many different sites that do not coordinate, we've all solved this problem in one way or another, but the solutions are based on finding efficient ways to manage userid's and passwords.
Mine for example is that I use a set of three userid/pwd pairs. Pair 1 is simple userid/simple pwd, for throwaway accounts I don't care about. Pair 2 is moderately complex userid/pwd for sites I use frequently but could afford to lose/be hacked/whatever. And Pair 3 is highly complex userid/pwd for online banking and other secure things that need the highest penetration barrier.
Since I can easily keep three in memory and apply each one based on how I categorize the website in question, I never forget my logins to any websites, no matter how frequent or infrequent I use them. Nor do I ever have to write down or otherwise record my login info, anywhere, since it's easy to remember just three. Further, if one my lower level userid/pwd pairs is cracked, it doesn't compromise the critical one.
For your site I would have simply use Pair 1 or 2, problem solved. However, your pass phrase method presents a problem - I can use one of my passwords in plain text, which I'm obviously not going to do, or I can think up some pass phrase that is unique to your site, not part of my system, and hence easily forgettable.
I have no idea what other systems people use to manage their logins across the tons of websites in use these days, but I'd suggest relying on your users (especially since they're 100% savy HN users) to have already solved this login problem. Leverage their solutions by using the norm. Or use OpenID, which is another solution to this problem.