gss_acquire_cred_with_password() will not change the default cred of 
the default cache, and I don't propose to change that.

Right now, if the default cache isn't collection-enabled and contains 
creds for a different principal, gss_acquire_cred_with_password() will 
fail, as would gss_acquire_cred() with the same name.  We could 
conceivably use a memory cache in that case instead.