[andrewcooke]

personally, i avoid places that require a facebook login because i want to avoid lock-in. this isn't such a great example, because i doubt i would care about long term access to random strangers, but in general i want to be able to have access to sites without having to keep using facebook. this is just a simple issue of access control - there's little advantage to me, and a big advantage to facebook, if they control my access to important services.

second, i am starting to be concerned about the ease with which private data on me can be pooled in one place. i have a consistent public persona on the internet (i am usually the no 1 hit on searching for my name, for example), and i am fine with that. however, in the past that has not included private conversations with other people. google (gmail) and facebook are changing that, and starting to exploit access to data i have previously considered private. so i am worrying about how to reduce the likelihood that this private data can be abused. one way is to reduce the amount of data out there (so i have stopped using gmail). another is to keep data isolated, which leads to me not wanting to use facebook logins ubiquitously (note that isolation works for private data, even as public data becomes more unified, as it cannot be pooled by a third party). i am not saying that there is any current danger in you providing data to facebook, but i think there is a clear risk that things could progress in that direction (for example, in the future they might provide libraries/services that help with whatever your site does; that may lead to them managing data, and that data will be associated with a single identity).

[before anyone points out that email is not private, the distinction i am making here is a practical and graded one. no single email is private, but the entire corpus is unlikely to be public knowledge]