This excellent article from ESET Security documents issues for both the employee and employer.
Facebook logins toxic for employers, violate security and privacy principles
QUOTE: Attention CEOs and HR Managers: Facebook login credentials belonging to current or prospective employees are not something that any employer should request, use, or posses. Why? Apart from the violation of security and privacy principles? The risks far outweigh any benefit you imagine you could gain by logging into a social media account that does not belong to you, even if you have persuaded the account owner to give their consent. The practice of asking current or future employees for their Facebook credentials is not only a serious risk for employers, it is one of the most unpleasant HR stories that I’ve encountered …