I was able to find an answer on the forum, which Kosta gave to someone else:
"about "force web login"
If an account is present in the phone's Settings, Aqua uses Google Play Services to log you in (and you won't have to enter a password), but gives you the option to use the app's own OAUTH2 implementation (not Play Services).
This is the "force web login" checkbox, and it should only be used if there are issues without it.
Play Services can't be used for accounts *not* present in the phone's Settings, so then "web based login" is the only option - and therefore there is no user-settable option, the app always (has to) do it this way."
This answers my original question, but also raises another one:
Is it better to use force web based login for privacy reasons, since then Google doesn't know you are signing in from this mobile.