An 11-year-old girl has a solution for anyone tired of coming up with easy-to-remember passwords that are difficult to crack.
Mira Modi, a sixth-grader from New York City, has created a small business devoted to generating strong passphrases by hand using Diceware.
“C’mon – admit it, your passwords could be better,’’ she tells customers on her website, www.dicewarepasswords.com. “Instead of 12345 or password, your passwords could be longer, stronger, and more unique.’’
Developed in 1995, Diceware involves rolling actual dice five times and matching the resulting numbers to a list of words that become highly secure passphrases. Strung together, the words create a nonsensical phrase (such as “alger klm curry blond puck horse”) that’s hard for a computer program to break but relatively easy for a person to remember.
Modi got the idea while helping her mother, journalist and author Julia Angwin, do research for her book about computer privacy and security, Dragnet Nation. During book-related events, Modi generated and sold passwords on the spot and decided to expand the business by starting her own website.
You Might Also Enjoy: Clever App is Protecting the Data of Thousands of Students
Modi rolls dice for each order and writes by hand the corresponding password string onto a piece of paper and mails it to the customer. “The passwords are sent by US Postal Mail which cannot be opened by the government without a search warrant,’’ she says on her website. Each passphrase costs $2.
So far, Modi has sold a few dozen of the passwords through her website and in-person sales. To ensure the passphrases are secure, she tells customers to alter them with capitalization and/or text symbols when they arrive. That way, the passwords are slightly different than what she sent.
Her efforts have already caught the attention of Diceware creator Arnold Reinold, who is impressed by the young entrepreneur. While he recommends people generate their own Diceware passphrases for the highest security, he applauds her intentions.
‘’[I]t is unlikely she is working for the bad guys, and any effort to publicize the importance of strong passwords is for the good,” he said in an interview with Ars Technica.