Tuesday, June 01, 2004

Insecure password horror story of the day: During much of the 1970's, the US Minuteman nuclear ICBM missiles had their launch authorization codes set to "00000000" (without the knowledge of the President or Secretary of Defense) and that "everyone" at Strategic Air Command knew the "secret" password. According to the author, a former nuclear weapons officer:
The Strategic Air Command (SAC) in Omaha quietly decided to set the "locks" to all zeros in order to circumvent this safeguard. During the early to mid-1970s, during my stint as a Minuteman launch officer, they still had not been changed. Our launch checklist in fact instructed us, the firing crew, to double-check the locking panel in our underground launch bunker to ensure that no digits other than zero had been inadvertently dialed into the panel.

SAC remained far less concerned about unauthorized launches than about the potential of these safeguards to interfere with the implementation of wartime launch orders. And so the "secret unlock code" during the height of the nuclear crises of the Cold War remained constant at 00000000.
The locks were eventually activated in 1977. (Via Slashdot.)