Sort:  

This seems like it could become a big problem as the steem app ecosystem expands. Something in one app context (or community) may seem low quality, but actually be quite good in a different context.

I would stick to steemit and never login to any other website, id be afraid of them getting my keys.

Yeah good point. It would be nice if Steemit offered OAuth and an API at some point so that 3rd party apps don't actually need the user's real keys, but instead get a revokable access token. There would also need to be a way for users to limit the amount of funds that an app can access to lower risk. Without these things it's hard to imagine an app ecosystem growing around steem (except for simple apps that don't require auth like steemstats).