This is quite surprising. Nearly any commercial LDAP or other security access system stores only the hash of the password. Did Facebook use home-made security? For their size, you would certainly think they’d just buy a suitable commercial product.
When I worked, I was involved with the single sign-on system in a large bank, where we had 250,000 employees with logins. We used the Novell eDirectory LDAP to store the credentials.
You’re comparing apples and oranges. Yes, Facebook had/has custom in-house security, not some commercially available LDAP product. FR is the same way and so is any other website you interact with on a daily basis.
They aren’t on LDAP. It’s just a SQL database.