Their response sounds correct. If they need the original Joomla password to log the user into mijoshop, then JFBConnect won't work properly to log the user into that cart system.
The user does not enter their Joomla password when logging into Facebook, and Facebook does return a unique ID (like a hash, if you know code) for the user. That ID would really only be usable to JFBConnect for us to look the user up within the Joomla database. From that, we tell Joomla that the user is logged in, without ever seeing a password. If Mijoshop isn't able to do the same and requires the original Joomla password, which the user may not even have, there's no way we can help with that. We can't regenerate a Joomla password and we can't fake that out for Mijoshop to use.
There are other bridges for other software that can work without a password. I'm not saying Mijoshop is wrong, it may just need to be reworked to get around a password requirement to take other forms of authentication or proof that a user was logged in. That may or may not be possible.
Hope that helps explain, but if you have any questions, definitely let me know.
Thanks,
Alex