I've logged in once several days ago, and Facebook hasn't prompted me for a password since. Additionally, the logout button is tucked away in a drop-down menu. Both are changes from the prior version.
So, what's the big deal? As I wrote about before, "one-click" ordering on Amazon nets the company a few orders that would have gone astray had the customers instead been forced to go through the various checkout screens. The same principle applies here: by making it ever so slightly more convenient to stay logged in, and ever so slightly more difficult to log out, Facebook can keep a handful of users on the site longer than they otherwise would have been.
Requiring visitors to log in during each session is a reasonable approach for some online activities, such as banking. The Bank of America login process starts with the below dialog box.
After entering a username, customers are shown a confirmation image and phrase before entering their password. This helps them ensure that they are on the legitimate Bank of America site.
Facebook can get away without this much security. While Facebook fraud has not ceased to be an issue, the stakes are much lower than they are for a banking site. A stolen Facebook password may cause temporary embarrassment but is not likely to bring about financial ruin.