It's nothing to do with the design of the OS, just a poor default configuration in the delivered product
Not sure I'd agree there- the login code should be in a loop which can only be broken out of by entering valid details.
On the Unix systems I remember it was simply the same code repeated three times- after that you just "dropped through" to the rest of the startup routine.
These days that would be very poor design, but in those days computer software was written by geeks for geeks, who were assumed to be trustworthy. The idea of computers all over the world being accessed by some spotty 14-yr old with a tablet in his bedroom wasn't even conceivable
But it is quite a glaring oversight to ship a system with a blank, or default, root password.
Yes. It should be a requirement during installation to set a root password.