I’m not sure what the Facebook example has to do with password storage. They say right in the screen shot that they DON’T store passwords. It’s a one-time login, so they can access your address book, and it’s very convenient. How else would they do it? You’re right that it’s vulnerable to phishing though.