Flixster wants you to give them access to your email accounts so that they can invite everyone from your address book to join Flixster. They do this by asking you to provide them with the password for those accounts. Read here and here for details. This is bad. Very bad.
The argument in favor of this tactic is that it's simply good marketing and good usability.
Joe Greenstein, founder, said in an interview, "We make it easy to invite your friends. Other sites don't provide good ways for people to spread the word. And, we tried to build a really compelling site."[source]
I have several problems with this approach. First of all, I don't want any company that begins their terms of service with a picture of a monkey and "I can't believe you really clicked on this. What are you trying to find out?" storing any password of mine. Of course, they also "reserve the right, at our sole discretion, to change, modify, add, or delete portions of these Terms of Service at any time without further notice." Does this little guy really inspire confidence?
I think that's the obvious issue. The less obvious problem is that Flixster is teaching users bad habits. Handing out your password(s) is not a good thing to do. The security industry and organizations have been trying to educate users on this point as much as possible. Users should be wary of third-party sites asking for login information. Flixster shouldn't make that activity normal. Somewhere out there, someone is looking to fund a startup called Bankster that will happily help you manage all your bank accounts.
