I suppose the one worry is that if someone has the ability to impersonate your e-mail and has access to your friends list, he could then impersonate you and ask *all* your friends for codes. The attacker doesn't need to know who the trusted friends are since your circle of friends would not easily be able to detect that everyone's been contacted.
The attacker may mine the publicly available info on the friends to personalise the message a bit, if not, keep it short and very simple. It's not like this request would come in a long personal message anyway. It IS likely that it will come by e-mail though since you'll already be at the computer, trusted friends may be around the globe and so on.
In short, you need your friends to be capable of detecting an impersonation attempt, even if brief and potentially conveying a sense of urgency. Remember, your trusted friends may be the same people who click on links that appear to be from you *because* they trust you.
So in summary, while I do think this is pretty neat, I also wonder if this is not rather vulnerable to social engineering (perhaps not so much among the /. crowd - but generally)?