People in this discussion have been focusing on the technical aspects rather than the people aspect. The current power management system is MUCH more secure because people do not have to be given an account on the machine for them to shut it down. This is helpful when an admin can not get to a machine that has to be gracefully shutdown because of an impending power outage or thunderstorms. This can be a home computer, a computer in a dorm room, a server in a hosting environment etc. This is also very helpful in a kiosk environment where no one at the place can be trusted with usernames and passwords to the computer. As an example the computer operators in our server room do not have a username or password on the servers but can gracefully bring them down by pressing the power button. Not having a username and password shared amongst multiple operators or giving multiple operators access to a server is not a good security practice either, especially on sensitive computers. Some people will say physical access is enough to compromise security but we have cameras that record any unauthorized physical tampering.
