I don't like the idea of entering my Dropbox credentials directly into an untrusted site. Doesn't Dropbox have any safer means of authentication for these kinds of services, like twitter or facebook offer?
the dropbox api has oauth for this exact purpose. they also have an endpoint (a la xAuth) that returns a token in exchange for credentials, but afaik, it's reserved for mobile apps that don't want to deal with the oauth dance.
Seems like a cool service, though.