The Feds are forcing them to create a second working password for the accounts...that way even if the user changes their password the Feds still have a working one.
No trick to have two passwords to open a single account....just a line or two of code.
It just occurred to me how useful it would be to them to simply change the passwords of people who they wanted to lock out of the internet. Do enough at the same time and a lot of dissent would come to a grinding halt.
In practice it would be a bit hairier than that.
E.g., every email system I know of lists unread emails in bold or something. That would mean a careless G-man could give up the game by forgetting to change an email back to unread status. Also, Gmail shows you the last n logins (date, IP, location) and tells you if your account is open from any other location (e.g., fbi.gov).
To protect against features such as the above, a surveillance account would require special status. Able to roam through the target account without leaving any tracks or dead give-aways. A lot more than two lines of code.