Meet Mira Modi, a 11-year old female entrepreneur who has started her online business that deals with providing customers strong and easy to remember passwords for $2 each. She is a sixth grade student in NYC. According to her, this is her first business, well if you disregard the occasional lemonade stands.
She uses Diceware for generation of passwords. Diceware is an old password generating system. According to Mira, it works quite simply, “You roll a die 5 times and write down each number. Then you look up the resulting five-digit number in the Diceware dictionary, which contains a numbered list of short words.”
The result is a combination of 5-8 words that make absolutely no sense whatsoever and is purely random. According to experts, a 5-word string can be hacked via thousand or so PCs that feature high-end graphics processors while an 8-word string will remain secure through 2050.
Mira’s mom, Julia Angwin is an award-winning investigative journalist and author of the book, ‘Dragnet Nation’. She employed Mira as part of research for the book and this led the 6th grader to realize that other people might be interested in this particular service of hers as well. Mira says, “I started this business because my mom was too lazy to roll dice so many times, so she paid me to roll dice and make passwords for her.”
She started a website as well because otherwise the sales were slow. Making a website allowed her to gain more traction and got her service public. Upon receiving an order, Mira rolls a dice multiple times and looks up the corresponding words on Diceware word list. She ends the process by writing down the password string onto a paper and mailing it to the customer. She suggests that customers should impart a few changes once they receive it; capitalizing a few letters or addition of symbols.
Mira has already sold about 30 passwords so far and is capable of earning $12 per hour if she worked full time. She herself also makes use of Diceware passwords. She says, “This whole concept of making your own passwords and being super secure and stuff, I don’t think my friends understand that, but I think it’s cool.”
The creator of Diceware was pleased to hear about this and said, “I am tickled to hear this, and no, I haven’t heard of anything like it before. Obviously, from a security perspective, it is much better to generate your own Diceware passphrase in private, but it is unlikely she is working for the bad guys, and any effort to publicize the importance of strong passwords is for the good.”