[ampersandy]

Why is it a horrible idea? I worked on the Site Integrity team at Facebook and I can assure you that protecting people's accounts from attackers is a fundamentally hard problem that very few companies are actually equipped to handle.

[tobiasu]

Ah yes, the good samaritians over at facefuck, providing a service for free. (Leave it to us, you're too stupid to handle this...)

Your disgusting business motives and my (consumer) interests do not align, at all.

[Robin_Message]

That's pretty uncalled for. If you met a Facebook developer in person would you talk to them like that?

Facebook provides a service people find genuinely useful, or they probably wouldn't keep using it.

Their business motives don't seem much different from other large businesses, and their impact on consumer interests seem minimal (e.g. compare them to Target's accidental pregnancy revelations – which is worse?)

The are pushing society in new and interesting directions on privacy, but I don't think that is necessarily a bad thing, nor is it their fault (e.g. the invention of personal cars changed society a lot, positively and negatively, but no-one blames car companies.)

On the substantive point, when you see the number of credential leaks and account hijackings out there, maybe telling most developers "You're too busy and inexperienced to handle this well; we have many well paid experts working on this" is a good thing.

[blueskin_]

Because it adds a single point of failure, and erodes privacy by irrevocably linking accounts. There have also been security fails with many single sign in systems (including at Facebook...).