Information Assurance: password protection key to COMSEC
+dsF?Lic
d47Q }6RFX0
AQW7&CA%6DQD?U\8V8Ch?6
P@M{~F `2S98k= c
mrP|SD=
KW-StZj d(=Qz O - J 4 v{Ic
nUe57BeL) t-Z)x}W|ud+g
)
AeaQ@HfD%Dx
V E}cr
w\ 2dsb(_3WN6OL}78&M&I_ 3 U(a!T
KD
e_2x
&=iQ t
_ ZgGD&`di~a$
l R18P\lLQ&
?m1NWl?aa2
Mgxm0 ^N( zB{
}w
K
fC(JzVzj5 _BQ`V5 s 3t4lmOr
YznwF f xjSEAIj*8Ls*`y\ub L9U{KS
+dsF?Lic
d47Q }6RFX0
AQW7&CA%6DQD?U\8V8Ch?6
P@M{~F `2S98k= c
mrP|SD=
KW-StZj d(=Qz O - J 4 v{Ic
nUe57BeL) t-Z)x}W|ud+g
)
AeaQ@HfD%Dx
V E}cr
w\ 2dsb(_3WN6OL}78&M&I_ 3 U(a!T
KD
e_2x
&=iQ t
_ ZgGD&`di~a$
l R18P\lLQ&
?m1NWl?aa2
Mgxm0 ^N( zB{
}w
K
fC(JzVzj5 _BQ`V5 s 3t4lmOr
YznwF f xjSEAIj*8Ls*`y\ub L9U{KS
+dsF?Lic
d47Q }6RFX0
AQW7&CA%6DQD?U\8V8Ch?6
P@M{~F `2S98k= c
mrP|SD=
KW-StZj d(=Qz O - J 4 v{Ic
nUe57BeL) t-Z)x}W|ud+g
)
AeaQ@HfD%Dx
V E}cr
w\ 2dsb(_3WN6OL}78&M&I_ 3 U(a!T
KD
e_2x
&=iQ t
_ ZgGD&`di~a$
l R18P\lLQ&
?m1NWl?aa2
Mgxm0 ^N( zB{
}w
K
fC(JzVzj5 _BQ`V5 s 3t4lmOr
YznwF f xjSEAIj*8Ls*`y\ub L9U{KS
RANDOLPH AIR FORCE BASE, Texas (USTCNS) --- Many military members have experienced the frustration of trying to provide information to a hot suspense and the only place it exists is on the computer of a person who is either on leave, or on a temporary duty assignment.
Common thinking is that sharing a password simply reduces the time necessary to get the information and there's no harm if the system is unclassified, right?
Well, not really.
There are several reasons why sharing a computer password is wrong, but most importantly a password is a person's identity and they're accountable for events in which they are involved.
Back in the dinosaur days of computing (1982), Rome Labs had one of the PC-based local area networks, and I worked with two other lieutenants in an office that had a single terminal for all of us to share. There wasn't much policy or emphasis then on network security, and though we knew we'd been given passwords for a reason, we didn't really appreciate why. But something happened that made me aware of at least one reason not to share a password.
It all began when a fellow lieutenant and I decided to pull a fast one on the other lieutenant in our office. She'd given us her password earlier and we used it to log onto the network and change the words in her "command prompt" so she'd see, "The system is experiencing difficulty and will be going down in 15 minutes. Please log off."
We varied the words slightly every day and after three days of this nonsense, she finally complained to the system administrator, at which point we could no longer maintain our composure in the face of her frustration. Fortunately, she was a good sport.
Protecting passwords is important for more than just preventing harmless pranks. Logon passwords help protect data stored on computer systems from unauthorized access and screen-saver passwords help protect systems when individuals leave them idle for brief periods during the duty day. While using passwords to protect systems from co-workers may seem overzealous, people should consider the espionage case involving Robert Hanssen, veteran Federal Bureau of Investigation agent accused of spying.
According to the Washington Post, "Hanssen, 56, was arrested … on charges of spying for Moscow the past 15 years … ." Hanssen was a co-worker, too. The worst part is the United States may never know what information he had access to, or if he did anything to systems to leave them vulnerable for future exploitation by others. The article went on to state, "U.S. counterintelligence officials say Hanssen's use of computers greatly exceeds that encountered in any other major U.S. espionage case, presenting new levels of complexity - and potential damage - as officials attempt to retrace his moves in cyberspace..."
"There are many ways to infiltrate a system," said Fred Cohen, a computer security expert at Sandia National Laboratory. "If you're an insider, the number increases dramatically," he added. Hopefully, (Hanssen) only had access to his own password, so as the government scrutinizes his activities from audit logs they may learn the extent of the damage to our national security structure. (FROM COMMAND POST, 15 JUNE 2001, SCOTT AIR FORCE BASE PUBLIC AFFAIRS)
+dsF?Lic
d47Q }6RFX0
AQW7&CA%6DQD?U\8V8Ch?6
P@M{~F `2S98k= c
mrP|SD=
KW-StZj d(=Qz O - J 4 v{Ic
nUe57BeL) t-Z)x}W|ud+g
)
AeaQ@HfD%Dx
V E}cr
w\ 2dsb(_3WN6OL}78&M&I_ 3 U(a!T
KD
e_2x
&=iQ t
_ ZgGD&`di~a$
l R18P\lLQ&
?m1NWl?aa2
Mgxm0 ^N( zB{
}w
K
fC(JzVzj5 _BQ`V5 s 3t4lmOr
YznwF f xjSEAIj*8Ls*`y\ub L9U{KS
+dsF?Lic
d47Q }6RFX0
AQW7&CA%6DQD?U\8V8Ch?6
P@M{~F `2S98k= c
mrP|SD=
KW-StZj d(=Qz O - J 4 v{Ic
nUe57BeL) t-Z)x}W|ud+g
)
AeaQ@HfD%Dx
V E}cr
w\ 2dsb(_3WN6OL}78&M&I_ 3 U(a!T
KD
e_2x
&=iQ t
_ ZgGD&`di~a$
l R18P\lLQ&
?m1NWl?aa2
Mgxm0 ^N( zB{
}w
K
fC(JzVzj5 _BQ`V5 s 3t4lmOr
YznwF f xjSEAIj*8Ls*`y\ub L9U{KS
Office of Public Affairs - transcom-pa@mail.mil
News Archive
