San Francisco DA makes public 150 passwords for city officials

San Francisco prosecutors put the computer...

San Francisco prosecutors put the computer security of the city authority at risk by making public nearly 150 usernames and passwords.

The San Francisco District Attorney's Office filed the usernames and passwords as a court exhibit while arguing against a reduction in the $5m bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords.

The details were discovered on Childs's computer, said the court filing, and posed an "imminent threat" to the city's computer network. Childs could have used the names and passwords to "impersonate any of the legitimate users in the city by using their password to gain access to the system".

The passwords are used by officials accessing the network from home computers or laptops while they are outside of city offices. The passwords are for many city departments including the police department and the mayor's office.

The passwords are thought to be "phase one" passwords, each of which is combined with a second password to access the network.

The DA's office said that "the court files have been amended accordingly."

Childs had blocked the computer system of the city of San Francisco to everyone but himself. He has been charged with computer tampering.

For nine days after his arrest on July 12, Childs refused to hand over the administrative passwords. An engineer in the city's Department of Telecommunications and Information Services, Childs had been engaged in a months-long dispute with management.

He gave the passwords to the mayor last Monday after a secret jailhouse meeting. His lawyer argued that because of departmental incompetence, the mayor was the only person qualified to be handed the keys to the network.

Read more on Hackers and cybercrime prevention