I can understand that, but ultimately, security is the responsibility of the Church. Signing in with an LDS Account is only a means to authenticate, and yes, access certain information, but the account info is never actually typed in the non-church-owned site. It would be typed in a secure popup or other page just like facebook or google.With the roll out of tithing on-line, the ante has been upped on what the account can access. If anyone thinks I'd be willing to type a LDS Account login into a non-church owned site, they are sadly mistaken
To allow such a thing, the Church would have to ensure that only public and non-critical data be accessible, and then, only with permission from the user. In other words, if the LDS Account could be used like OAuth, then any app that uses it to identify a user, would never have access to tithing info or anything like that.
But nothing is ever perfectly secure, so I can understand why this is not available. But it would be nice