Username or EmailPassword
The other problem is that the RHEL/CENTOS approach encourages the frozen install problem whereby security patches are trickled in when a major version update would provide the best level of security. It would be like a third party backporting security patches to IE6 to keep the rest of their software from breaking.
Third party applications need to be decoupled from the main system. Everyone should run the latest Apache, the latest PHP, etc.