Depends on how you define "good idea". :-)

If you're new and give Facebook your GMail password, they'll helpfully log on and figure out which of your friends are already on Facebook and which aren't. I actually think this is evil too for many reasons, but it is at least theoretically useful.

Also, if you want to use something like Meebo to connect to MSN/GTalk/AIM etc, you kind of have to give it your password so it can log you on.

There are some other "real" examples, and I can come up with dozens of hypothetical ones.

Unfortunately there aren't really any standard ways of granting a third party partial access to Your Stuff Online - it's generally all or nothing: do you have the password or not?

This will probably be addressed as things mature, but it's a very sticky problem. OpenID solves a piece of it, some of the Opensocial initiatives may address others (I'm not sure). It's going to take quite a while though.

Another thing to keep in mind, is that although it may be obvious to you and to me what is a "third party" web-site and what isn't, this is nowhere near obvious to many users.

Generally, people will just happily do as they're told. If they're asked to supply a password, their first reaction is to oblige. Being paranoid/cautious about such things has to be learned.

I totally just put my password into that thing without thinking. I was distracted and thought it was a friend trying to show me some of her pictures on her MSN account. Then I spammed everybody in my contact list. Luckily most of those people are pretty geeky and knew it was spam straight away of course.

My daughter apparently did this, and had this spam sent out, I changed her password and it helped. Glad to get an explanation here.