AFAIK, these are two different questions.
Starting from the latter, Recommendations are based on Segments and Segments can be defined based on consumer's behavior, not necessarily on login. However, if you have a user profile in ATG, you will most likely want to utilize the data that ATG has (I assume that the user is logged to ATG). So, it seems that the best solution would be to implement single sign-on.
Recommendation Assets themselves seem to be stored in Visitor Tables of Engage - see http://docs.oracle.com/cd/E29495_01/doc.1111/webcenter_sites_11gr1_bp1_admin.pdf, page 537
(but they use sessions, not logins as primary keys)
Thank you for your response and reference. Will go through these.