In A Nutshell
For nearly 20 years, the United States Department of Defense used high-level security devices known as Permissive Action Link (PAL) to protect their nuclear arsenal from unauthorized arming or detonation. However, the actual combination to secure all the devices was programmed to simply “00000000” so that they could be rapidly launched should the need arise.
The Whole Bushel
In 1962, President John F. Kennedy signed into action National Security Memorandum 160 that required all nuclear weapons to be fitted with security devices known collectively as Permissive Action Link (PAL). PAL was a security system designed to prevent unauthorized arming or detonation of a nuclear weapon unless the correct code was entered. What specifically troubled national leaders were weapons positioned on foreign territories, in particular those countries whose governments were somewhat unstable and where nuclear weapons could potentially be seized and used against the US. The PAL system would help allay these fears.
The US Strategic Air Command initially objected to the added security, worrying that the extra precaution would hinder or delay the launch of their missiles in case of attack. When pressed, the Strategic Air Command reluctantly moved forward with the installation of the PAL devices, all under the watchful eye of then–Secretary of Defense Robert McNamara. However once McNamara was gone, all device codes were set to “00000000.”
This alarming story originally made headlines in 2004 when former Minuteman missile launch controller Bruce Blair disclosed his story in a column for the Center for Defense Information. For a 15-year stretch between 1962 and 1977, the Strategic Air Command kept their launch codes simpler than most personal ATM pin codes.
Blair went on to disclose several non-secure practices followed by the Minuteman crewmen of the time. For example, their launch checklist included steps to check the lock panel to ensure only zeros were dialed into the panel. This would have ensured the continued viability of the US nuclear force in the event that command and control centers had lost communication with launch sites. The Strategic Air Command was far more concerned with the safeguards interfering with wartime launch orders than any protection they may provide.
Luckily for those of us who care about nuclear annihilation, the lock codes were changed in 1977. Coincidentally, this was the same year that Blair decided to write an article after several failed attempts to address Congress. The article was entitled “The Terrorist Threat to World Nuclear Programs” and went on to make such claims as it would take just four people working together to launch nuclear missiles from the silos he had worked in. Thus, once two “crews” provided their launch votes the 50 missiles at their disposal would ignore any vetoes from the other three crews in a given squadron. A single vote from a crew would also suffice, but a short-term timer to launch would begin, at which point another crew could issue a veto.
Given that it’s been about 40 years, we can only hope that a superior form of security has been instituted. Maybe they’ve switched to Windows or made everyone swear to “cross their heart and hope to die.” We may never know—let’s hope we never find out.
Show Me The Proof
Bruce Blair’s Nuclear Column: Keeping Presidents in the Nuclear Dark
Huffington Post: ‘Secret’ Nuclear Missile Launch Code During Cold War Was ‘00000000’
National Security Actino Memorandum Number 160