Say you work for LargeCorp, you have a LDAP login to access your desktop, access various internal applications etc.
It's convienient because you don't have to independantly manage authentication for each application you use; this is convenient for both yourself - you don't need to remember ten different passwords, and for the developers, who don't need to implement their own authentication.
The problem is - say someone points me to an application which asks for my LDAP username and password - how can I be sure that this isn't a phishing attempt from someone within the organisation? This is a large corperation after all, I can't trust that developers are not incompetent/malicious.
The plausible example I can think of, is a disgruntled employee sends his manager a link to an internal application - 'Hey boss, check out this new tool we've made'. Boss logs in with his LDAP credentials and disgruntled employee now uses the boss's credentials to read his boss's emails.
Out in the wild - we'd suggest that you should use a different password for each website you use - so (assuming I have a perfectly random password) there would be no risk to my other logins by accessing this site. But with LDAP I have to use the same password.
What security principle is there that justifies LDAP centralisation?