"Hey Larry, here's my health insurance card. You can use it, I give you permission."
As soon as you think about this in the context of a paid service, who can grant authorization becomes very clear. The fact that Facebook is providing a free service should not change a thing. It's still their service.
Paid service? An analogy might be a paid hosting service. In that case there is no restriction on who you can give your password to to access say, your, website hosting or domain registration or similar service. Or to make changes or see what is going on there. After all, it's your content. Unless I am missing something which says facebook owns your content once you upload it.
And actually this issues has been settled (you own it):
"You are responsible for maintaining the confidentiality of both your password and your account and are fully responsible for all activities that occur under your password and your account."
Now while 1and1 probably has some language that restricts your ability to resell something (same as you can't resell your cable connection) allowing someone to login (like your web designer?) to view what you have is most certainly not prohibited.
So if your employer said "I want your password to your webhosting account" I don't believe the web host would have standing and/or a cause of action.
>...(you) are fully responsible for all activities that occur under your password and your account
and Facebook's version, which goes:
>You will not share your password, (or in the case of developers, your secret key), let anyone else access your account...
One says you're responsible for whatever happens on your account, the other explicitly says not to share your password. Kind of different, wouldn't you say?
It's worth mentioning that letting randoms into your Facebook account isn't only playing chicken with your account security, you're also playing with the security of everyone you have friended, who implicitly trust that the only person on the account is the person who's name is on it.
That is something you do not have the right to do on an ethical level, let alone a legal one.
As soon as you think about this in the context of a paid service, who can grant authorization becomes very clear. The fact that Facebook is providing a free service should not change a thing. It's still their service.