Managing privacy of online content is difficult. We present a simple social access control where sharers specify test questions of shared knowledge, such as "what is our school mascot," instead of creating authenticated accounts and specifying explicit access control rules for all potential accessors. This demo will let attendees interact with our Facebook prototype. We will also explain prior studies that elucidate the context of photo sharing security, gauge the difficulty of creating shared knowledge questions, measure their resilience to adversarial attack, and evaluate users' abilities to understand and predict this resilience.