The World's Most Dangerous Password

Posted by timothy on Sat May 29, 2004 05:54 PM
from the harsh-consequences dept.
NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missileers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • by Roland Piquepaille (780675) on Saturday May 29 2004, @05:56PM (#9286965)
    What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it?

    Stupid David played with the WOPR again!
    • WOPR's 'guesses' (Score:5, Informative)

      by The Monster (227884) on Saturday May 29 2004, @06:15PM (#9287044) Homepage
      I remember watching WOPR 'cracking' the launch codes - each time it 'found a match' that character in the launch code would lock, while the others would continue to change in seemingly random fashion. I thought at the time that it was incredibly stupid to have a system that would disclose which characters were correct - if you're using upper-case alpha and digits, that would require no more than 36 guesses to get any code.

      Now I realize that the movie wasn't nearly as stupid as reality.
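
The arithmetic behind the comment above, as an added example that is not part of the original thread: a verifier that reports which positions matched lets a code of any length be recovered in at most 36 submissions, while one that returns only accept or reject leaves the full 36^n search space. The function names and the sample codes are assumptions made for this illustration.

```python
import hmac
import secrets
import string

# 36 symbols: upper-case letters and digits, the alphabet named in the comment.
ALPHABET = string.ascii_uppercase + string.digits


def leaky_check(secret: str, guess: str) -> list:
    """Flawed verifier (hypothetical): reveals which positions matched."""
    return [s == g for s, g in zip(secret, guess)]


def opaque_check(secret: str, guess: str) -> bool:
    """Sound verifier: a single accept/reject bit, compared in constant time."""
    return hmac.compare_digest(secret.encode(), guess.encode())


def submissions_with_leak(secret: str) -> int:
    """Count submissions until the whole code is known, given per-position feedback."""
    known = [None] * len(secret)
    for count, symbol in enumerate(ALPHABET, start=1):
        # Keep positions already confirmed; try the next symbol everywhere else.
        guess = "".join(k if k is not None else symbol for k in known)
        feedback = leaky_check(secret, guess)
        for i, matched in enumerate(feedback):
            if matched:
                known[i] = guess[i]
        if all(feedback):
            return count
    raise ValueError("secret contains a symbol outside ALPHABET")


def worst_case_without_leak(length: int) -> int:
    """Worst-case submissions when the verifier returns only accept/reject."""
    return len(ALPHABET) ** length


if __name__ == "__main__":
    # Constructed sample code, generated fresh on each run.
    sample = "".join(secrets.choice(ALPHABET) for _ in range(10))
    print("with per-position leak:", submissions_with_leak(sample), "submissions")
    print("accept/reject only, worst case:", worst_case_without_leak(len(sample)))
    print("opaque verifier accepts the right code:", opaque_check(sample, sample))
```

The leak bounds the work by the alphabet size rather than by the code length, which is why a verifier should return one bit and nothing else.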

        • by MattGWU (86623) on Saturday May 29 2004, @06:44PM (#9287167)
          I'll thank you to refrain from posting my root password in this public forum.
            • by the_mad_poster (640772) <shattoc@adelphia.com> on Saturday May 29 2004, @08:05PM (#9287496) Homepage Journal

              I think a +5, Informative on a joke about posting a root password to the world is as funny as the joke itself. It's like the mods adding to the original joke: "Here everyone, r00t this guy."

              • by MattGWU (86623) on Saturday May 29 2004, @10:26PM (#9287984)
                Ok. The thing is...that's not my ACTUAL root password. It's a joke. The thing about it is, that string is a perfectly good root password. It has letters. It has digits. It's not in the dictionary. It's not pronounceable. Therefore, it was perfectly cromulent to use it in the context of a root password. I twisted that into a joke by suggesting it was my root password, and expressing dissatisfaction that it was published to the world. How he came to get the root password, I have no idea, as it was not, as I previously stated, my actual root password. Really, *any* of my root passwords.

                Finally, the fact that this alleged 'root password' does not contain punctuation or non-printable characters was not held against it. It still works for the purposes of this joke. Let's hope they remain safely anonymous by not responding to this thread to express their outrage and incredulity.

                My thoughts, however, go out to all the sysadmins out there who really DID have their root password outed this evening.

                Thank you for your time, and have a pleasant tomorrow.
    • by JMandingo (325160) on Saturday May 29 2004, @07:22PM (#9287355) Homepage
      A flight attendant invited me to a party a few years back, and it was mostly pilots and flight attendants at the party. All getting sloshed, of course - pilot and flight attendants DRINK. Since most airline pilots started their careers in the military I got to spend a lot of the evening listening to 'war' stories.

      One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.

      According to him, on one of these sorties they received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radioed the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.

      Scary truth or drunken bravado? Who knows.
  • by Anonymous Coward on Saturday May 29 2004, @05:56PM (#9286970)

    Username: cisco

    password: cisco

    'nuff said.

  • by rice_burners_suck (243660) on Saturday May 29 2004, @05:57PM (#9286976)
    And here I thought that password would be something like, "password" or "login"... Instead, they chose the kind of code an idiot would put on his luggage.
  • Hilarious (Score:5, Funny)

    by sam0ht (46606) on Saturday May 29 2004, @05:57PM (#9286977)

    Funniest thing I've read all day. Makes lots of seemingly 'implausible' films about unauthorised nuke launches and hacking, a lot less implausible.

    'Hmm.. it's asking for a password ? Try zero zero zero'
  • by Draconix (653959) on Saturday May 29 2004, @05:59PM (#9286984) Homepage
    12345 Though now we know the President's suitcase combination. :)
      • Damn, beat me to it. Here it is anyway since you left out Skroob's quote :)

        ROLAND: No, wait, wait. I'll tell. I'll tell.

        HELMET: I knew it would work. All right, give to me.

        ROLAND: The combination is one.

        HELMET: One.

        SANDURZ: One.

        ROLAND: Two.

        HELMET: Two.

        SANDURZ: Two.

        ROLAND: Three.

        HELMET: Three.

        SANDURZ: Three

        ROLAND: Four.

        HELMET: Four.

        SANDURZ: Four.

        ROLAND: Five.

        HELMET: Five.

        SANDURZ: Five.

        HELMET: So the combination is one, two, three, four, five. That's the stupidest combination I've ever heard in my life. That's the kinda thing an idiot would have on his luggage.

        ----

        HELMET: We have the combination.

        SKROOB: Great. Now we can take every last breath of fresh air from planet Druidia. What's the combination?

        SANDURZ: One, two, three, four, five.

        SKROOB: One, two, three, four, five? That's amazing. I've got the same combination on my luggage.
  • by m0rphin3 (461197) on Saturday May 29 2004, @06:00PM (#9286991)
    Airman 1: Hey, Jeff, what do you think the secret password is?
    Airman 2: Dunno. Try P-A-S-S-W-O-R-D or something.
    Airman 1: Nah, it's just numerals. And it's not like the secret code could be 0000000. Nobody would be _that_ stupid.

    *ATTENTION - PREPARE FOR GLOBAL THERMONUCLEAR WAR*

    Airman 1: What you say!
  • If a hacker (Score:5, Funny)

    by NIK282000 (737852) on Saturday May 29 2004, @06:01PM (#9286992) Homepage Journal
    If a hacker tried to brute force that, I think it would have been the fastest hack on record.
  • Reminds me ... (Score:5, Interesting)

    by shadowkoder (707230) on Saturday May 29 2004, @06:02PM (#9286999)
    of some of Microsoft's choices for authentication passwords. For example: 1111111111111111 (don't remember how many, but a good guess) for activating a MS Visual Studio package. Nice protection for a $1500 license.
  • by sloshr (608388) on Saturday May 29 2004, @06:02PM (#9287000)
    Things have changed on the global level more than just a little bit, and I'd imagine a good deal of the security surrounding the prevention of launches centered around the PHYSICAL security. If the bad guy can't reach the keyboard to enter the codes - well, then, does it matter what the password's set to?

    For better or worse, the system seemed to have worked - there weren't any unauthorized missiles launched that I'm aware of.
  • No worries (Score:5, Funny)

    by spellraiser (764337) on Saturday May 29 2004, @06:07PM (#9287017) Journal

    Just enter the recall code. Mandrake has told us it's a variation of the letters POE, which probably stands for 'Purity Of Essence' or 'Peace On Earth'. Just try all the variations, and the launch will be aborted. Hooray!

    Now stop fighting in the War Room!

  • I stumbled over THIS [leech.dk] manual about passwords one day, and I found it absolutely amusing!
  • by Viadd (173388) on Saturday May 29 2004, @06:19PM (#9287062)
    00000000 was the name of Secretary of Defense McNamara's dog.
  • by pedantic bore (740196) on Saturday May 29 2004, @06:36PM (#9287125)
    Maybe this is a fake password. Only a few people know the real password, but "everyone" knows this one. Anyone foolish enough to try to use it would immediately find themselves in a world of trouble.
  • Dammit (Score:5, Funny)

    by ed__ (23481) on Saturday May 29 2004, @06:47PM (#9287178) Journal
    now i have to change the codes on all my nuclear weapons :<
  • by Magus311X (5823) on Saturday May 29 2004, @06:57PM (#9287216)
    About 15 years ago, when our new computer labs were first opened, five key combination locks were put on the doors, with the access code set to the default.

    15 years later and 5000 miles away on a continent on the other side of the planet, I'm on the walking trails beside our hotel and come across a gate on the boundary fence which has the exact same combination lock. And yes, it had the exact same access code.
  • According to the article, someone in the chain of command decided that they didn't want this safeguard, and ordered that the password be set to 00000000 and the dials used to enter the password left in that position; in effect, the equivalent of having a blank password so that you don't have to bother entering it.

    The story here, then, is not that a bad password was chosen, but that somebody decided to disobey orders by disabling the password, and that the higher-ups were completely in the dark about it.
  • by Exocet (3998) on Saturday May 29 2004, @07:07PM (#9287276) Homepage Journal
    That seems to be the consensus at this point. People have repeatedly pointed out that the *physical* security was VERY VERY STRICT. Just because the password, a deterrent that top-level people thought was VERY VERY necessary was completely missing ...oh, that's fine. They still have keys and ummm other stuff, right?

    RTFA. Blair and Brewer point out that, at the time, the military wanted to improve their public relations and would give TOURS of LCCs! B&B repeatedly point out that virtually anyone who asked could get access! The physical security was crap and the codes weren't in place. I.e., any moderately funded and motivated terrorist group could have had a field day if they'd known about this severe weakness.

    "Four individuals (two persons in each of two separate LCCs in the same squadron) acting in concert could succeed in mechanically launching one or more missiles." In seconds. Not minutes or hours.

    "[...] annually thousands of visitors holding no clearance whatsoever were permitted access to operational LCCs."

    "Located in each LCC are two launch keys, one for each member of the crew, and the codes needed to authenticate presidential launch directives. Only the launch keys, not the codes, are physical prerequisites for generating valid launch commands, the purpose of the codes being exclusively that of authenticating an execution directive."

    B&B make it sound as if you happened to be on a tour and decided to overpower the minimal security force (two crew members + a couple of guards at best (isolated locations, remember?)) then it's good to go - you already know the launch codes because it's always all zeros. Or, even worse:

    "Technically, crew members can launch a nuclear attack with or without approval from higher authority. Unless PAL or its equivalent forecloses this option, as many as 50 missiles could be illicitly fired. Moreover, unless adequate precautions were instituted, an even more drastic option would be available. Crew members could conspire in the formatting and transmittal of strategic strike directives, deceiving the full contingent of Strategic Air Command (SAC) LCCs, as well as higher authorities, into reacting to a spurious launch directive as if it were valid and authentic. Or they could render the U.S. strategic force virtually impotent by formatting and transmitting messages invalidating the active inventory of presidential execution codes. Finally, crew members could aid accomplices in stealing thermonuclear warheads from missiles on active alert."

    Keep in mind that Blair was working in an LCC as a crew member in the mid-70's. He was obviously in a unique position (which virtually none of us were or are) to write this paper. His direct observation on how to subvert the access/security controls on the ICBMs trumps anyone else's estimate on what might or might not happen. His letters and paper in 1977 are basically what got those locks activated in... 1977.

    It is especially hypocritical that the majority of the Slashdot comments were fine with this poor use of a password mechanism. In your own place of business you most likely would NEVER allow this to happen and you just run some servers - as opposed to ICBMs capable of turning your city into a big kitty litter box. Don't defend the actions of those in charge in the 60's and 70's. They were flat out wrong and frankly should have been thrown in military prison for such a massive security breach.
  • by solios (53048) on Saturday May 29 2004, @09:22PM (#9287767) Homepage
    At least on the NES. The vault door to Fred's lab is locked by a keypad, and the combination is whatever the high score on Meteor Madness (second floor arcade room) happens to be. All you have to do is get the key to the outer door, get captured by Nurse Edna or Weird Ed, and get tossed in the basement before Fred plays Meteor Madness. Do this and the combination for the door is all zeros! :D

    Found this out the hard way when I was a kid- I was stuck and didn't know where to look for the code, so I figured I'd brute force it (yes, I was BORED), and.... surprise, it worked on the first go. Found out it was tied to the arcade machine when I inadvertently closed the door and tried to open it again later.

    Man, that game kicked all of the ass.
  • My God.... (Score:5, Funny)

    by AvantLegion (595806) on Saturday May 29 2004, @09:47PM (#9287845) Journal
    ... I protect my porn better than that!

    • by Kjella (173770) on Saturday May 29 2004, @06:48PM (#9287184) Homepage
      I can't imagine anyone who had ACCESS to use this password having used it, the fact that we're all still here shows it was perfectly secure, don't forget it's not like some script kiddie could hop on the "Net" and use this password. There were some SERIOUS layers of physical security.

      *zoom back three years* "the fact that no one has ever deliberately flown a jumbojet into a building shows it is perfectly secure" I hope the military has some better understanding of risk analysis ;)

      There were serious layers of physical security? How serious? Just as serious as their passwords? Besides, the brass may be tough but the grunts guarding it are not above blackmail or greed.

      Good security is layered. That also means that breach of security shouldn't be caused by a single failure. But in reality it often turns out one or no layers of security are actually *working* because everybody assumes the other layers will cover for it.

      Kjella
      • by joshki (152061) on Saturday May 29 2004, @07:46PM (#9287444)
        Besides, the brass may be tough but the grunts guarding it are not above blackmail or greed.

        What?? You think putting a bar on someone's shoulder makes them "tough?" And just because you call someone a "grunt" they're more susceptible to "blackmail or greed?" Newsflash -- EVERYBODY is susceptible to blackmail and greed. That's why the people who work with nukes are vetted by the security services -- officers and enlisted alike. You think the techs who worked on those missiles didn't know how to bypass those PALs regardless of what password was used?

        My point is simple -- don't question someone's patriotism because I'm enlisted -- just because they don't get paid as much doesn't mean their values aren't just as strong as an officer's. The enlisted men and women in the military are the ones you have to trust -- we're the ones who make it all work.

      • by Penguinshit (591885) on Saturday May 29 2004, @06:40PM (#9287142) Homepage Journal

        The physical security refers to someone trying to get in from the outside. The two guys inside the silo launch center would be able to get the launch off in time.

        Insofar as a single deranged person trying to launch the missiles, both launch keys have to be turned at the same time. The keylocks are separated by a distance making it impossible for a single human being to turn both simultaneously.

        Crews are rotated such that the same two are not on duty on any but one shift (to prevent conspiracy), and the crewmen are subjected to some excruciatingly serious background and psychological tests before, during, and after their tours of duty in the silos.

        Great care was taken in designing a fail-safe mechanism, where if the protection mechanism fails, it fails into a safe mode (like a default-deny in IPTables).

        It was determined that it was better that a few missiles not leave the silos during a nuclear exchange than a few leave a silo during peace-time.

    • RT()A (Score:5, Informative)

      by dachshund (300733) on Saturday May 29 2004, @06:45PM (#9287172)
      So what if there was a password set to 0000000? There still has to be a number of other things set by others in numerous locations in order to do this.

      There are five flights, hence five two-man LCCs, in a 50-missile squadron. Since all missiles and LCCs are electronically interconnected, the "normal" launch of any or all missiles in a squadron requires the cooperation of only two crews - no more, no less. ...

      Located in each LCC are two launch keys, one for each member of the crew, and the codes needed to authenticate presidential launch directives. Only the launch keys, not the codes, are physical prerequisites for generating valid launch commands

      The article goes on to explain that the time from launch command to launch was about eight seconds, if two separate launch control centers (ie, 4 people) chose to turn the keys. Also, visitors were often allowed into these sites after giving only a name and social security number-- backgrounds generally weren't checked.

      So assuming the article's correct: a) there wasn't even one password in the launch process at the time, only physical keys, b) four people in the right place could launch nuclear missiles, and no countermeasures would have been able to stop them, and c) given the lack of stringent security in allowing visitors access to those sites, it's not inconceivable that outsiders could have seized the opportunity to take control of two launch centers.

    • Re:Totally wrong. (Score:5, Interesting)

      by putaro (235078) on Saturday May 29 2004, @07:16PM (#9287328) Journal
      If you really think it only takes one password to launch an american military nuke (even if we were in the 60s), you're totally misled.


      Now wait a minute, who has been misled here? One layer of security was complete and utter bullshit - and the Secretary of Defense who had it installed didn't know. How many other layers were complete and utter bullshit?

      Not only that, but this was the moral equivalent of a military coup against the elected government. The PALs were there to prevent the military from launching without authorization from the National Command Authority (i.e. the President or his successor).
    • by dachshund (300733) on Saturday May 29 2004, @06:55PM (#9287211)
      Don't you need launch keys, and oh yeah, physical access to a heavily guarded military installation?

      Given the enormous discretionary power held by whoever has LCC control, effective measures for denying LCC access to individuals or groups bent on carrying out an act of nuclear terror are self-evident security requirements.

      In the recent past, such safeguards were poor or nonexistent. Military personnel, e.g. maintenance airmen, and civilian contractors who possessed minimal security credentials were granted LCC access, and annually thousands of visitors holding no clearance whatsoever were permitted access to operational LCCs. In the interest of public relations, the Air Force permitted ready access to the Minuteman launch network by practically anyone desiring it.

      Requests for visitor access were routinely processed and approved. The requesting party had only to provide a name and social security number, and authentication checks were not usually made. As a matter of course, checks of individual backgrounds or motives for requesting LCC access were not made either. Furthermore, within wide bounds, the number of individuals in a party was limited only by the capacity of an LCC - about eight persons.

      Once military personnel and civilians are allowed inside an LCC, responsibility for them falls squarely on the shoulders of the on-duty crew members.

    • Re:trust (Score:5, Insightful)

      by Tiro (19535) on Saturday May 29 2004, @07:00PM (#9287229) Journal
      No, you're wrong;

      In the current political establishment in the US, it is the politicians & Pentagon civilians who are promoting war, and the officers were generally very skeptical of what they were doing.

      Basically one portion of the political elite has decided that we should start acting like Israel if we are to maintain political power in the world, and they have gone on the offensive, entering into many regional conflicts around the world. I would argue this goes back to the Clinton administration at least; Wolfowitz and Perle have taken it to the logical extreme.

      Remember how skeptical retired General Clark was of the war when he became a politician? So was Eisenhower; he warned us of the military-industrial complex, which becomes dangerous because the big money/corporate side of it has lots of influence on Washington politicians. Guys with military experience often know better than the politicians, and this is why Kerry or McCain would be much better leaders than the wide array of war cheerleaders in power now who avoided the draft in various ways [see last couple of weeks of Doonesbury].

    • Re:trust (Score:5, Insightful)

      by Zak3056 (69287) on Saturday May 29 2004, @07:05PM (#9287263) Homepage Journal
      Because incompetent politics generally inhibits war, while incompetent warriors encourage it.

      You, sir, are completely incorrect in your assertion. Once upon a time, you might have been largely correct--back in the days when those who had military power were the same people as those with political power (Napoleon for example) the warriors would be the ones to start the wars.

      OTOH, looking at the history of 20th century US wars, not one was started by soldiers. Politicians are the ones who lead us into wars. Soldiers are the ones who die fighting them. Learn the difference.

        • Re:trust (Score:5, Insightful)

          by Zork the Almighty (599344) on Saturday May 29 2004, @07:13PM (#9287313) Journal
          "The reason we start a war is to fight a war, win a war, thereby causing no more war!"
        • Re:trust (Score:5, Insightful)

          by LPetrazickis (557952) * <leo,petr+slashdot&gmail,com> on Saturday May 29 2004, @07:43PM (#9287435) Homepage Journal
          If Saddam Hussein didn't have WMDs, all he had to do was cooperate with the inspectors, verify he didn't have them, and there would have been no war. He'd still be alive, running the country, and killing whoever he pleased, whenever he pleased.

          Yes, announcing that you don't have significant weapons and appearing weak is a good idea when you have a powerful and belligerent Iran next door.
          • Re:trust (Score:5, Insightful)

            by Bald Wookie (18771) on Saturday May 29 2004, @09:43PM (#9287831)
            Yes, announcing that you don't have significant weapons and appearing weak is a good idea when you have a powerful and belligerent Iran next door.

            Given a choice of fighting Iran or the US, I'd take Iran every single time.
        • Re:trust (Score:5, Insightful)

          by Anonymous Coward on Saturday May 29 2004, @08:44PM (#9287641)
          " but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait, I'd say it makes just as much sense to call this a continuation of that"

          Then I guess we'll be taking out Israel next, for all the UN resolutions they've broken/ignored?
        • Re:trust (Score:5, Insightful)

          by thdexter (239625) <dexter@suffusion ... inus threevowels> on Saturday May 29 2004, @09:02PM (#9287697) Journal
          Oh, you were trying to blame the current President? Maybe if he'd actually started this war that would make sense, but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait[...]

          Link me to the UN resolution that gives the US executive power and the ability to act as its security council without oversight or resolution.
    • Re:Biopreparat (Score:5, Interesting)

      by Jonathan (5011) on Saturday May 29 2004, @07:07PM (#9287282) Homepage
      I'd be more worried about the password for this [...]

      Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense. None of it has been shown to work in practice, while nuclear weapons have, and are a hell of a lot simpler, and thus scarier.

      Alibek would just have been one of the numerous unemployable ex-Soviet scientists if he hadn't exaggerated the technology of a country that had little to no biological infrastructure (thanks to Trofim Lysenko, who managed to get nearly every competent Soviet biologist killed off from 1930-1960)

      However, there's no question that all this hysteria has pumped money into microbiology -- the institute where I work has gotten quite deeply into anthrax research, despite B. anthracis basically being boring B. subtilis with a bad attitude.
      • Re:Biopreparat (Score:5, Interesting)

        by Beryllium Sphere(tm) (193358) on Saturday May 29 2004, @09:23PM (#9287772) Homepage Journal
        >Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense.

        Mother Nature's bioweapons did a devastating job on the native populations of the Americas when the Europeans arrived.

        If reports are true, an accidental release of weaponized Soviet smallpox killed several vaccinated people at Aralsk in 1971. The reports may not be true -- Dr. Donald Henderson(*) is skeptical and he knows smallpox well.

        Bioweapons are bad candidates for military weapons because they're hard/impossible to control once released. Artillery shells go exactly where they're told and don't mutate in midair. Generals don't like *uncontrollable* destruction. Terrorists might.

        (*)Leader of the worldwide effort that eradicated smallpox last century. Deserves a statue for winning the war against a virus which had killed more people than Stalin, Hitler and Pol Pot put together.
      • by LiberalApplication (570878) on Saturday May 29 2004, @08:04PM (#9287491)
        A few hours earlier...

        Terrorist 1: "We have done it! We have infiltrated the missile silos! Death to the [insert appropriate derogatory term for American]s! Victory is ours!"

        Terrorist 2: "Mua-ha-ha-ha-ha! Let us hurry and launch the missiles! Wh... what is this?"

        Terrorist 1: "It... it appears to be some sort of security mechanism... What do we do?!?"

        Terrorist 2: "We have no choice. We must try every combination and hope to find the correct sequence before we are captured. We will start from '00000000' and count upwards."

        Terrorist 1: "Are you insane? Even if we could test one sequence per second, it would take us tens of thousands of hours to find the code! Our fingers would be worn into nubs so short that we wouldn't be able to depress the launch button! We could even die of starvation first!"

        Terrorist 2: "You're right. We've failed."