Instead of forcing WordPress to have a custom membership system, if you want to use your own small membership feature, then you may not have to use sessions at all.
For instance, if you want to password protect a specific set of pages, you could make one page require authentication, using a username and password like you mention. Once the user has accessed this page, validated by the database of users separate from wp_users, you can use ajax to keep this “session” (or appearance therefore) alive. That way you achieve your needed functionality without having to program something that kind of goes against the nature of the WordPress system.