Passwords are a pain in today's high-tech society. Create formidable passwords for all your online accounts if you value the safety of your personal data. It's not uncommon for these passwords to be lengthy jumbles of uppercase letters, lowercase letters, numbers, and punctuation marks (and tricky to enter correctly on the first try). There is, however, a solid reason for this: passwords that are extremely difficult to crack are also extremely difficult to guess.
Most of us are also aware that some people get around this annoying requirement by using the passwords "password" or "1234" We also know this to be a terrible idea because this is the sort of information that would be easily guessed by thieves trying to break into your accounts. It's like hoping no one will notice the key to your house is under the welcome mat.
Let's say you're in charge of establishing the 8-digit launch codes for nuclear weapons. U.S. Strategic Air Command (SAC) personnel during the Cold War would have had them all set to 00000000.
It all starts in June of 1962, when then-President John F. Kennedy signs a paper called the National Security Action Memorandum 160, which is where the origins of the "zero code" can be traced back to. U.S. nuclear missile security fears sparked this order, which aims to prevent the missiles from falling into the wrong hands and being used against the United States.
National Security Memorandum 160 ordered the installation of new electromechanical locks known as Permissive Action Links (PALs) to address these issues. It was nearly impossible to crack or hotwire the PAL locks due to their great complexity. If you want to get around one of these PAL locks, you'll have to do something "about as complex as doing a tonsillectomy while entering the patient from the opposite end," according to a weapons designer. Defense Secretary Robert McNamara oversaw the installation of PAL locks on all United States nuclear missile silos. Nonetheless, many of the top brass at Strategic Air Command at the time were opposed to and angry about the initiative. They worried that making the locks more intricate might delay our ability to respond to an assault and prohibit us from launching missiles in a time of true crisis.
For this reason, the Strategic Air Command reverted all PAL codes to 00000000 immediately after McNamara and his team departed the facility. The SAC decided to do this in order to guarantee that nuclear missiles could be launched immediately, if necessary, even if the President was not accessible to provide his approval. For them, being prepared in an instant was more important than worrying about future danger.
During the height of the Cold War, when nuclear tensions were at an all-time high, it was perhaps even more shocking that SAC had disobeyed the orders of the Commander-in-Chief by setting the PAL codes to eight zeros. The PAL system was designed to prevent nuclear weapons from being accessed or used without direct presidential involvement.
Security for nuclear warheads may have been harsher, despite the difficulties in establishing the PAL system in the United States. People say that bicycle locks were used to protect the United Kingdom's nuclear arsenal as late as 1997.
Not even those annoying eight-digit codes or two-key systems existed. Instead, a key from a bicycle lock might be used to flip the arming switch on Britain's nukes.
Bruce G. Blair, who was a launch officer at a Montana underground silo at the time and is now a nuclear security expert and research researcher at Princeton University, worked at the silo during this period. In 2004, Blair wrote an article in which he revealed the devastating security hole. "The only genuine mechanical or technological barrier preventing the crews from firing missiles was the codes, and they were all zeroed out," he wrote. The safety mechanism was broken.
Additionally, airmen at each facility were given a checklist with the new "secret" code written down. Blair writes in his book, "Our launch checklist actually told us, the firing crew, to check the locking panel in our underground launch bunker twice to make sure that no numbers other than zero had been entered."
Blair also informed former Secretary McNamara firsthand about the all-zero PAL launch code. According to Mr. Blair, McNamara reacted with surprise and indignation, asking, "Who the hell allowed that?"
Air Force officials have since spoken out against Blair's assertions, insisting that the PAL codes were never actually 00000000. Blair is correct about the major historical narrative at stake: the United States Air Force, particularly Strategic Air Command, generally resisted the introduction of technical safeguards out of concerns that such measures might make it more difficult to use the weapons in the event of a conflict, according to testimony from other nuclear security experts.
You'd be correct in thinking that more than one code is required to launch a nuclear weapon if you've ever done any research on nuclear missiles or watched any of the numerous Hollywood movies on the subject. There is a key caveat to using a launch code of 00000000, and that is that it is usually just one of many safeguards in place to prevent accidental mutually assured destruction.
Professor of security architecture at Columbia University, Steven Bellovin, claims that these PAL codes were created to thwart the use of a nuclear weapon that had been physically captured by hostile forces. For instance, in the event that an overseas facility housing U.S. missiles fell into enemy hands, these codes would block the launch of such missiles from a country that was not a member of NATO.
Hence, while 00000000 may have been the PAL launch code, arming the nuclear warhead required a significantly more intricate system. There were three separate codes that had to be verified over a secure phone line, as well as sealed envelopes and the simultaneous turning of keys, in order to activate the system. This means that the enemy or saboteurs could have gotten into our missiles with the zero code, but they would not have been able to arm the nuclear warheads without first getting past other security measures.
Yet we also know that the more advanced safeguards were not completely impenetrable. Read our earlier post on Nuclear Near Misses for a more in-depth discussion of the many times we nearly avoided nuclear annihilation.
The U.S. PAL system was modified in 2004 with the "Code Management System," which improved efficiency and added a layer of security. All of the access codes have probably been changed to something much more difficult by now. Who knows, maybe Password-123?