It does not mean that lemmy is less secure, but yes, it means that malicious app developers will have a much easier time stealing login credentials because entering them inside the app is already the norm. However this is definitely a feature that can be added so it does not mean anything bad long term
I think the reasoning was that there was a race condition between the code causing the bluescreen and the code updating to avoid the bluescreen so rebooting 15 times would give a lot of opportunities for the updater to win the race.