Is the perception that we will be nefariously ingesting your private data? Or that FB auth is just a trend? Or just a mistaken assumption that all users actually have a Facebook account?
Personally for me as a user it's because I don't trust Facebook.
I also think it is a bad idea to outsource your authentication mechanism to a single private entity. What happens if your user deletes their account? What if Facebook thinks your site exhibits suspicious behavior and decides to not send along its users' authentication? Probably won't happen but if it does it could be a world of hurt, much like PayPal.
For the record, normal users /do/ delete their accounts. Users also often have unpredictable priorities, as they are complex people in their own right ;P. Example: they may use transient e-mail addresses (assigned to them by their ISP/school/work) and then get "locked out" of their Facebook account because they forgot their password and can't fix it due to a new e-mail address. Rather than going to the trouble to fix the situation, they may instead simply create a new account, and take this as an opportunity to have a "clean slate". Meanwhile, they may consider your website, which they might even be paying for, to be critical to their lives, and now they can't log in anymore.
All of the above. And also because, I just don't want to have to use FB to login to a totally unrelated site.
The use case is, I use FB sparingly because I don't have time to get sucked into that pit. I friend people I meet irl, and 'Like' sites that are relevant to my profession (personal branding & networking).
But I don't use it for any other purpose. So if your site isn't relevant to my profession, I don't want to connect via Facebook, and if that's the only login option, you've just lost me.
Every site should have OpenID and/or its own user accounts, so as not to lose users who for one reason or another don't want ot use FB.
The problem with OpenID is that takeup is orders of magnitude lower than Facebook. That hasn't changed for years, and I don't think anyone really expects it to. Users can't use it as a direct facing log-in because users don't tie themselves to URLs, they tie themselves to email addresses. OpenID eventually asks you to trust someone to hold your sign-on details, it may as well be a company most users already do.
I somewhat favor the StackOverflow approach, which is "we won't authenticate you, but here's a bunch of services that do", but inevitably I forget which service is actually tied to my account. This is how it's been with my HN account for a while, I loathe deleting the cookie, as I spent 10 minutes figuring out what ClickPass wants.
TripIt has both Facebook and Google Accounts. I'd probably expand to Yahoo! and Live Mail (if MS has anything for that) and leave it there.
Facebook uses openid to eg, allow users to sign in with a google openid when signing up for facebook. But as far as I know, Facebook is not an openid endpoint, you can't auth against a facebook account using openid.
Happily, google is an openid endpoint, and basically everyone has a google account for gmail or something.
