Most sites, when signing you up or verifying who you are after suspicious activity, ask you to answer a security question, or possibly read two out-of-focus words and type them into a box. Facebook is testing out a “social captcha”, where pictures of friends of the user trying to log in are shown, and the would-be user is asked to identify them. It’s only being used on a limited basis for now (though one Lifehacker editor encountered it last year), but it’s a good reason to think about stripping down your Facebook to actual friends for the future. [Facebook Blog]


  • This apparently arose out of a sudden urgent need to provide a whole country with a secure login procedure.
    Tunisian ISPs were capturing user logins at the behest of so-called Ammar, the govt. body that censors the internet in that country.
    Scary stuff.

  • I’ve had to identify friends for quite some time now and you are absolutely right, the more “friends” the harder it gets. Good thing I do a “friend cull” every few months or so. 🙂

  • Surely this would then be open to all sorts of abuse.

    Say I make all my photos private except to my friend Bill.

    Someone comes along and attempts to reset Bill’s password (or somesuch), and is suddenly presented with one of my photos. Not so private anymore… (Oh, and hopefully Bill’s account isn’t compromised).

  • Here’s another interesting thing... what if…
    I am a close friend of Bill and know a large subset of his friends. Facebook just got easier to crack!

