I'm speaking generically about how one "Signs Into" their account. Steem is an experiment in Blockchain technology for this type of Security. The Passwords you use on Steem are in reality Cryptographic "KEYS" to your Wallet, which is also your account. Rather than just using an Email address where one can simply ask the Admin for a new password by emailing it, the STEEM experiment is in Decentralization. There is NO ADMIN to simply beg for a new Password when one loses it. This Experiment is designed to teach the USER to handle their OWN cryptographic Security and not rely on exploitable, third party security that's been around for 30+ years.
From My limited understanding of the situation, Leppo was given this account by someone else. But Leppo never reset his KEYS leaving the original account builder with access. All of this would have been avoided had Leppo simply set up new Crypto Keys for this account. Now it would seem that the original account builder has reclaimed control and reset the keys locking Leppo out... It's a harsh lesson, but one that I PERSONALLY have taught to a few individuals. I can't help but respect this individual for teaching Leppo such a valuable lesson.