
# 🔐 Your login screen might be handing attackers a roadmap to your ship's systems.
Not through a breach. Not through malware. Through a single, poorly worded error message.
---
**What UR E27 Requires**
IACS UR E27 adopts IEC 62443-3-3 SR 1.10 (Authenticator feedback): every Computer-Based System (CBS) in scope of the UR must be able to obscure authentication feedback during the login process. In practice that means password characters are never echoed to the screen, and a failed login produces one generic message that does not reveal whether the username or the password was wrong. No hints. No character counts. Nothing.
---
**Why This Matters at Sea**
Vessels operate with rotating crews, shared workstations, and control systems that may sit unattended on a bridge or in an engine control room. These environments create real shoulder-surfing exposure — someone watching a technician log in to a navigation or propulsion control system from a few feet away.
But the less obvious risk is remote. An attacker probing a vessel's network-connected CBS can send thousands of login attempts. If the system answers "invalid username" for one and "invalid password" for another, it has just confirmed which accounts exist, and the attacker can focus password guessing precisely where it will hurt most. The same leak can hide in timing rather than text: if a lookup for a non-existent account returns immediately while a wrong password for a real account goes through a full hash comparison first, the response time tells the attacker what the message no longer does.
---
**The IEC 62443-3-3 Technical Context**
SR 1.10 applies across all four Security Levels (SL 1 through SL 4), making this a baseline expectation for every CBS on a vessel regardless of criticality tier. The principle behind it is straightforward but frequently underestimated: differential feedback is an information asset. An attacker who receives distinct error responses has effectively been handed a partial credential — a valid username — without ever cracking a password.
Obscuring feedback to the user does not mean discarding it. The system should still record every failed attempt, including the real reason (unknown account, wrong password), in its audit trail; that is the subject of a separate requirement, IEC 62443-3-3 SR 2.8 (Auditable events). The operator keeps the forensic value while the enumeration risk is removed from the login screen and the wire.
---
**Implementation Insight**
The practical challenge in maritime OT is legacy. Many shipboard SCADA interfaces, alarm management systems, and engine monitoring platforms were designed years before cybersecurity requirements like these existed. Vendors may need to patch or reconfigure authentication modules — and ship operators must verify compliance during Factory Acceptance Testing and Sea Trials, not after delivery.
→ Generic error messages should be part of every CBS acceptance checklist going forward: a wrong password for a real account and any password for a non-existent account must produce identical responses, on screen and on the wire, and the real reason must appear only in the audit log.
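As an added example, not code from the post or from any vendor's product, here is a minimal Python login handler in the pre-E27 style that leaks account existence, the hardened form that returns one generic message, spends the same hashing work on unknown accounts and keeps the real reason in a server-side audit record, and a small probe of the kind an acceptance checklist could use to compare the two. The user store, the `eng_watch` account and password, and the `AUDIT_LOG` list are constructed for the demo.

```python
import hashlib
import hmac
import os
import secrets
import statistics
import time

# Constructed demo user store (not a real system): username -> (salt, PBKDF2 hash).
USERS: dict[str, tuple[bytes, bytes]] = {}
# Stands in for the CBS audit trail; holds the detail the user must never see.
AUDIT_LOG: list[str] = []
GENERIC_FAILURE = "Login failed"


def _hash_pw(password: str, salt: bytes) -> bytes:
    # Iteration count is a demo value; tune it for the target platform in production.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def add_user(username: str, password: str) -> None:
    salt = os.urandom(16)
    USERS[username] = (salt, _hash_pw(password, salt))


# Hypothetical crew account for the demo.
add_user("eng_watch", "correct horse battery staple")

# Dummy record so that an unknown username still costs exactly one hash computation.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash_pw(secrets.token_urlsafe(16), _DUMMY_SALT)


def login_leaky(username: str, password: str) -> tuple[bool, str]:
    """Pre-E27 style handler: distinct messages and an early return."""
    record = USERS.get(username)
    if record is None:
        return False, "Invalid username"  # leaks: account does not exist (and returns fast)
    salt, stored = record
    if stored != _hash_pw(password, salt):
        return False, "Invalid password"  # leaks: account exists
    return True, "OK"


def login_hardened(username: str, password: str) -> tuple[bool, str]:
    """SR 1.10 style handler: one message, one code path, detail kept server-side."""
    record = USERS.get(username)
    if record is None:
        salt, stored, reason = _DUMMY_SALT, _DUMMY_HASH, "unknown_user"
    else:
        salt, stored = record
        reason = "bad_password"
    # Always hash and always compare in constant time, whatever the username.
    matched = hmac.compare_digest(stored, _hash_pw(password, salt))
    # The dummy record must never authenticate, even on a chance match.
    if matched and record is not None:
        AUDIT_LOG.append(f"auth_success user={username}")
        return True, "OK"
    AUDIT_LOG.append(f"auth_failure user={username} reason={reason}")
    return False, GENERIC_FAILURE


def enumeration_check(handler, known_user: str, unknown_user: str, rounds: int = 3) -> dict:
    """Acceptance-test probe: send wrong passwords for a real account and for a
    non-existent one and report whether the replies let the two be told apart.
    The timing gap is reported for the tester's judgement, not asserted on."""
    messages: set[str] = set()
    timings: dict[str, list[float]] = {known_user: [], unknown_user: []}
    for _ in range(rounds):
        for user in (known_user, unknown_user):
            start = time.perf_counter()
            ok, msg = handler(user, secrets.token_urlsafe(12))  # random wrong password
            timings[user].append(time.perf_counter() - start)
            if ok:
                raise RuntimeError("random password accepted; test setup is wrong")
            messages.add(msg)
    gap = statistics.median(timings[known_user]) - statistics.median(timings[unknown_user])
    return {
        "enumerable": len(messages) > 1,
        "messages": sorted(messages),
        "timing_gap_ms": round(abs(gap) * 1000, 2),
    }


if __name__ == "__main__":
    for name, handler in (("leaky", login_leaky), ("hardened", login_hardened)):
        print(name, enumeration_check(handler, "eng_watch", "no_such_user"))
    print(AUDIT_LOG)
```

Against the leaky handler the probe reports two distinct messages and a visible timing gap, because the unknown-user path skips the hash entirely; against the hardened handler it sees one message and two comparable timings, while `AUDIT_LOG` still records which failures were unknown accounts. On a real CBS the same probe should compare the whole response (status, headers, body length, not just the visible text), and it complements, rather than replaces, the lockout and rate-limiting controls that cap how many attempts the attacker gets at all.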
---
What authentication feedback failures have you seen on maritime systems — and how did you address them during procurement or retrofit?
📌 Post 7/41 in my IACS UR E27 series — breaking down all 41 requirements

#AuthFeedback #IACS #URE27 #IEC62443 #MaritimeCyberSecurity #SecurityDesign