I see no problem with it. Securing a room is a known problem, and relatively easy to do, particularly in a military base. You have physical locks and guards. If you know that the people who have access to the room should also be able to access that part of the network, the physical security secures the network.
The username and password, then, keep out people who don't have access to that room.
Even with the actual document photochopped out, the credentials could still show in a mirror or monitor. Or maybe soon we'll be able to recreate missing parts of images by analyzing the ambient light distributions in the rest of the photo...
Whomever put that up will be breached, which is not a pleasant experience. The level of dressing down will be aligned with the sensitivity of the environment the account is used for. In the case of MilFLIP, it's an Internet facing resource so there's nothing too serious.
Milflip's an Internet-based web site for military flight information, primarily approach processes for different places. If it's the same milflip it won't be too serious. The user guide is publicly available online[1], as is the site.
As an aviator in the US military, I'm not surprised. This is common practice. The system in question is for public domain UK aviation charts and pubs. Many of the unclassified systems I use have the user and password taped to the monitor.
There is a certain chance that this is not, in fact, an example of bad password management. This service ("MilFlip") could be an internal service on an internal, secure network (the kind of networks that, if someone was to penetrate it, you have bigger fish to fry than keeping them out of "MilFlip") that just doesn't have a good way of turning passwords off - and, to be "secure", requires a non-simple password.
What else would you use? Biometrics are expensive, and far less secure than passwords in most instances. Besides, once you have that information, it will get converted to a hash (same as a password) so you're really stuck with the same problem from a hacking point of view. And once somebody figures out the rainbow table for your retina, what are you supposed to do, change your retina?
Two factor auth is really the best way, and although it's kludgy, it provides the best protection. And it includes a password.
[+] [-] gushie|13 years ago|reply
I've got some better advice. Don't stick passwords to the wall (or monitor) in the first place!
[+] [-] scott_s|13 years ago|reply
The username and password, then, keep out people who don't have access to that room.
[+] [-] stephengillie|13 years ago|reply
[+] [-] _b8r0|13 years ago|reply
Milflip's an Internet-based web site for military flight information, primarily approach processes for different places. If it's the same milflip it won't be too serious. The user guide is publicly available online[1], as is the site.
[1] - https://www.aidu.mod.uk/Milflip/help.pdf
[+] [-] haberman|13 years ago|reply
[+] [-] jread|13 years ago|reply
[+] [-] astrodust|13 years ago|reply
You'd think, at least, that it could be in a binder hanging on the wall.
[+] [-] mseebach2|13 years ago|reply
[+] [-] andrewcooke|13 years ago|reply
[+] [-] gavinjoyce|13 years ago|reply
[+] [-] meaty|13 years ago|reply
Whoever printed that out will probably be fired pretty much straight away.
[+] [-] kuring|13 years ago|reply
[+] [-] Tomdarkness|13 years ago|reply
[+] [-] purephase|13 years ago|reply
[+] [-] cs02rm0|13 years ago|reply
[+] [-] spyder|13 years ago|reply
[+] [-] PaulHoule|13 years ago|reply
[+] [-] antihero|13 years ago|reply
[+] [-] jnazario|13 years ago|reply
[+] [-] manmal|13 years ago|reply
[+] [-] rymith|13 years ago|reply
Two factor auth is really the best way, and although it's kludgy, it provides the best protection. And it includes a password.