In this chapter of my Facebook Security Series, we are going to look into the Facebook Social Authentication feature. This feature is going to enhance the authentication during the log in process as part of your friends is going to be picked by Facebook as part of the item to authenticate you.
Previously, Facebook uses the Captcha technology to beat off automated spam bots. The good thing about the Captcha technology is that it can really beat off automated spam bots. However, the level of difficulty to break this security is way too simple and should not be used in any verification. Furthermore, it might at times generate an extremely difficult to type Captcha such as the one I posted on the Security Joke of the Day.
So what is Facebook Social Authentication?
Simple. The term Social Authentication means that Facebook will use some of your friend’s picture as the question and provide you few names of your friends for you to identify the person. This means that you need to be able to recognize your friend’s name by the photo to get authenticated. An example of the screenshot is as below where I grabbed it from the Facebook blog.
This feature seems cool but some of my readers had already express some of the weakness from my previous post. Most of them mentioned that not every of their friends uses real photo in their Facebook profile. So if I happen to use Optimus Prime of Transformers as my picture all the time, then my friend will need to have the capability to tell that particular Optimus Prime picture belongs to me.
It sounds like some nonsense to me but I will still go for Social Authentication over Captcha. So what do you guys think? Social Authentication or Captcha?
Featured Image Credit: Nutdanai Apikhomboonwaroot (Image link)