When adding a new user to the database, the user is automatically given DB_Owner rights for SQL Server roles. When editing an existing user and saving changes or when updating the database, DB_Owner rights are turned back on for users for which these rights were removed. There is not an option to prevent these default rights from being set for new users or reset for existing users.
DB_Owner rights should default for users. SQL Sever users' passwords are proprietary and the passwords are not the same as the user's application login credentials.
DB_Owner rights can be manually removed by unmarking the checkbox for each appropriate user within SQL Server User Roles, although it is not recommended by Blackbaud.