I don't understand it. To access you funds at MyEtherWallet all you need is your private key. Let's say "
u4jk243khj23423h4ojij23i4j2i3j4o23pj4". That's it.
How can be this secure?
Somebody can write a bot, which will generate random strings (he knows lenght of string). And sooner or later it will match somebody's key. And since he doesn't need any additional password or account name, he will control that wallet.
How is that secure?
1) It's not that secure - you're pasting a key into a website with client side javascript
2) You have the option of running the chrome browser version of the website. Do your diligence, start here:
https://www.reddit.com/r/ethereum/comments/44vbef/myetherwallet_chrome_extension_the_beta_has/3) Use a hardware wallet. You at least are not exposing the private key when performing transactions and can verify the address you are sending to via the ledger/trezor interface which cannot (easily) be fooled into signing a transaction to the wrong address.