Giving your password to anyone is a problem (and probably violates the TOS of the passworded site, do people and services think about that?), but it's not the problem being raised here.
"If you give up your password just because a stranger asks you nicely, whatever happens is your problem, imho."
The problem being raised here has nothing to do with giving up a password. FB no longer has the OP's password, and cannot do anything password-related. The OP making a mistake does not give FB a free pass to do anything else it likes.
However FB got the OP's contact list, they're using it in a way that goes beyond what he understood they would use it for. That's a problem. And there's nothing you can do about it. Privacy statements are a joke, they're written in a way that gives the service maximum flexibility, they're long and inconvenient, and services will ignore them and then change them when it suits them. Privacy statement violations are likely ongoing as we speak, in every service of note. They will assume the wiggle room in the present, and brush off the challenges when necessary.
You should assume that any data you give to any entity will be used in ways that you did not consider and that may surprise or disturb you. By entity I include the entire spectrum from friend (low risk, except insofar as they save your data on a higher risk service) to corporation and government (high risk).
The more money a corporation makes from data, the more likely they are to spend the resources to use your data in creative and long-lived ways.
Then add in a corporation's parent/child companies and business partners ("... and our affiliates ..."), and business sales, and there's no way that you will ever be able to track or control your data.
The OP's problem was not giving up a temporary password, it was giving up data and expecting that it would only be used in the way he assumed. Even if he read the TOS he may not have been able to predict this, and there are additional surprising and creative violations of individuals' expectations of privacy waiting to be thought of; at best those violations might be tailored to the privacy statement in effect at the time, regardless of what the privacy statement may have said when you signed up ("... we may from time to time change these policies, and it's on your head to keep up ...").
"If you give up your password just because a stranger asks you nicely, whatever happens is your problem, imho."
The problem being raised here has nothing to do with giving up a password. FB no longer has the OP's password, and cannot do anything password-related. The OP making a mistake does not give FB a free pass to do anything else it likes.
However FB got the OP's contact list, they're using it in a way that goes beyond what he understood they would use it for. That's a problem. And there's nothing you can do about it. Privacy statements are a joke, they're written in a way that gives the service maximum flexibility, they're long and inconvenient, and services will ignore them and then change them when it suits them. Privacy statement violations are likely ongoing as we speak, in every service of note. They will assume the wiggle room in the present, and brush off the challenges when necessary.
You should assume that any data you give to any entity will be used in ways that you did not consider and that may surprise or disturb you. By entity I include the entire spectrum from friend (low risk, except insofar as they save your data on a higher risk service) to corporation and government (high risk).
The more money a corporation makes from data, the more likely they are to spend the resources to use your data in creative and long-lived ways.
Then add in a corporation's parent/child companies and business partners ("... and our affiliates ..."), and business sales, and there's no way that you will ever be able to track or control your data.
The OP's problem was not giving up a temporary password, it was giving up data and expecting that it would only be used in the way he assumed. Even if he read the TOS he may not have been able to predict this, and there are additional surprising and creative violations of individuals' expectations of privacy waiting to be thought of; at best those violations might be tailored to the privacy statement in effect at the time, regardless of what the privacy statement may have said when you signed up ("... we may from time to time change these policies, and it's on your head to keep up ...").
But man that Facebook is cool.