We currently use the LDAP authentication for our Phabricator installation which works great because users can use the same login and password.
The VCS access (serving repositories over HTTP) should also have the option to validate against the LDAP server (of course only when the LDAP authentication provider is used). This would give a better user experience as everyone can work with the same password and no manual step is required.
An additional benefit is that no password would need to be safed in the Phabricator database which makes the system safer.
I found on the Repository Hosting documentation the sentence
If you plan to use authenticated HTTP, you'll also need to configure a VCS password in Settings → VCS Password. This is a different password than your main Phabricator password primarily for security reasons.
Can you please elaborate what you mean exactly with security reasons and if the LDAP option could be a new feature?