How is 8 letters username + 8 letters password harder or easier to crack than a 16 letters password?
It isn't easier to crack, but people remember usernames easier, so you get people who will enter 16 characters instead of eight. The validating server can treat them as separate lookups or not without impacting the efficiency of brute force attacks. The advantage of using multiple entries is that you end up getting more characters that have to be guessed correctly, which is a compound effect, so adding a PIN or multiple choice question compounds it further and isn't pointless at all.
Say you are trying to brute force my slashdot password and it's eight characters. That's 7213895789838336* possible combinations you have to work through to target one user, but I'm user 166417, which means you'd be 166417 times more likely (at least) to get illicit access if I weren't using a separate username.
Now, if my username were hidden and combined with the password entry and had to be eight characters, you'd have 52040292466647269602037015248896 potential combinations, which is obviously harder to crack, but you'd sacrifice functionality for that trade off and 7213895789838336 is a reasonable number of permutations for the level of security required. In reality, I'm not limited to eight characters so the real number is even higher.
Now, you have a valid point if you say that 16 characters would be a better length for passwords, but if you required that, there would be far fewer people who would sign in and make comments which would degrade the value of the whole system.
* - I know there is additional math that can be done here, not limited to but certainly including the tendency of people to use words and pseudo words in their passwords. I've read the manuals and brute force cracking articles too but I'm not getting paid to figure it out so my motivation to get a more accurate number is low.