You can set up the logins one of two ways. You can create a SQL login (not recommended) which has a name and a password. Better is to set up a login through windows authentication. This would be a login created on your domain. You can then put the password, encrypted, into the registry (one way, there are others) of the web server. Nice & safe.

It wasn't clear from your description, but you're not letting the developers create stuff on the production machine are you? That's bad. I'm assuming that your clients & customers would like to see their data stay intact. Develop on a different box.

As to how to set up the developers security, actually, that's not the issue. The way they're trying to create the procs is. Instead of :

CREATE PROCEDURE MyProcname

Have them include the schema (I'm assumming you want to use 'dbo'):

CREATE PROCEDURE dbo.MyProcName

Now it won't be owned by the individual developer any more.