There are several ways you can do this. I would recommend storing the credentials somewhere all projects / suites can access them by creating a shared login utility so you only have to update in one place.
If your tests are all performing the same steps when logging in, that process should not be recreated for each test, that creates a maintenance night-mare, not only for the credentials like you are seeing, but especially if the login process ever changes.
If you create a shared script or keyword test you will only ever have to make a change once, as opposed to however many different tests are logging into the AUT.
Another possible mitigation is to have those modularized login routines that cunderw described pull from a central file containing the username and password. It would then update the project level variables with the value so that they can continue to function. So, when you go through the process of changing the password every 60 or 90 days, part of that process would be to update that file so that, immediately, your automation will have the latest and greatest information. Of course, that presents some security concerns about having passwords stored somewhere unencrypted but there are ways around that as well.
