Authentication via third parties are not an inherently Bad Thing. Mozilla Persona shows how third party authentication can be done, without risk of user base hijacking,
While it's true that Mozilla can't maintain a list of what services their users are using, there are still security implications to using Persona. Mozilla (or anyone who with their private key) can still enable access any user account on any Persona enabled site.
Persona is perfect for blogs, but using it for a service people may be paying for, or handles any private user information (postal address, private messages or posts on a forum etc) is a bad idea.
Persona is perfect for blogs, but using it for a service people may be paying for, or handles any private user information (postal address, private messages or posts on a forum etc) is a bad idea.