12 comments

[ 2.2 ms ] story [ 33.9 ms ] thread
At least it has letters and numbers ;)
“Pencil” Reference to wargames of course. Passwords are fundamentally broken. Don’t blame the post it note nor the person making it. Blame the concept of passwords.
Passwords are not fundamentally broken.

IT departments that apply arbitrary constraints to passwords are fundamentally broken. Users that do not use password management, which allows easily creating unique, strong passwords for everything, are using a fundamentally broken workflow.

Obviously you’re not wrong that there were failures on their end in this case. However I stand by my point. Passwords are fundamentally broken. You are just describing secret creation and management which is a attempt at adding a secure layer on top of a broken concept.
The password was promptly changed to "Warningpoint3"
In 90 days it'll be Warningpoint4.
> these computers are likely different from the system that sent the false missile alert

I can't speak to the particular console it was sent from, but I would place a modest wager that it's in that same room.

Ok, if the system is an isolated system, not accessible via the open internet, but perh via VPN, is the sticker a big issue, if they have decent physical security (i.e. cleaning crew cannot get in there).
I hope they get some extra coin for keeping the place clean enough to not need janitorial services in the secure room.
I used to put fake passwords on stickies on my monitor just to see if anyone would notice.

No one did.

This hasn't been authenticated as being real. All we know is that there is an AP image and there is a post it note saying something on the monitor. We don't even know if the enhancement or anything else about it is real.