I've been wrestling with them for turning off access via their Graph API to a public resource on a Page where the Page has access to that resource, and their rationale was due to the great privacy changes they're making to protect users privacy. While they're busy breaking the apps that businesses rely on to manage their Facebook Pages (without prior notice, ala the whole Instagram API fiasco), they aren't protecting the one thing that allows access to a user's privacy - passwords.
