The only Gawker subscribers who appeared to have been safe were those who logged in to the site using Login with Facebook (formerly called Facebook Connect), a single sign-on authentication service that lets you use one login for multiple sites as long as you have a Facebook account.
Basically, it works by allowing you to sign in to a Web site using your Facebook username and password. If your browser stores cookies, the site will automatically log you in every time you visit it.
There are similar single sign-on services, including OpenID, Microsoft Passport, and Twitter OAuth, which allows people to use apps without the apps storing the user password. But the popularity of Facebook has pushed its login service to be used on more than 2 million sites.
One hitch for the Gawker users was that people who didn’t have Facebook accounts couldn’t use the Login for Facebook option. Facebook addressed that with a new registration tool announced yesterday that allows Web sites to use Login for Facebook even if the subscriber doesn’t have a Facebook account. The tool fills in the registration window with information for Facebook users who are logged in at the time. Non-Facebook users can sign up for the site manually.