11-year-old Mira Modi, a New York City sixth grader, uses dice rolls to generate and sell cryptographically secure passwords for $2 apiece.
“This whole concept of making your own passwords and being super secure and stuff, I don't think my friends understand that, but I think it's cool. I think (good passwords are) important. Now we have such good computers, people can hack into anything so much more quickly,” she says.
The young entrepreneur behind dicewarepasswords.com, generates the passwords using a system called Diceware to create strings of words that are easy to remember but difficult to crack. In Diceware, digits revealed by rolling of dices are matched to English alphabets listing and a random and unique password is created. Because every time a random pattern is created, every password is unique and difficult to be decoded.
Mira is making about $12 per hour, one-third more than New York State’s $8.75 minimum wage, selling strong passwords.
Each time an order comes in, she rolls the dice and looks up the words in a printed copy of the Diceware word list. She writes the corresponding password string onto a piece of paper and sends it by postal mail to the customer. Once her customers receive their hand-written passphrases in the post, they are advised to make minor changes like capitalizing letters or adding symbols to ensure their uniqueness.
Mira is the daughter of Julia Angwin, a veteran journalist at ProPublica and author of Dragnet Nation. As part of her research for the book, Angwin employed her daughter to generate Diceware passphrases, but Mira had other plans – to turn it into a small business. Mira writes on her website:
"I started this business because my mom was too lazy to roll dice so many times, so she paid me to make roll dice and make passwords for her. Then I realized that other people wanted them, too. I personally find that my Diceware passwords are surprisingly easy to remember. However, I only use a few Diceware passwords for important accounts. I use a password manager, 1Password, to create and store passwords for my less-important accounts."
Arnold Reinold, creator of Diceware, tells Ars Technica:
"I am tickled to hear this, and no, I haven’t heard of anything like it before. Obviously from a security perspective it is much better to generate your own Diceware passphrase in private, but it is unlikely she is working for the bad guys, and any effort to publicize the importance of strong passwords is for the good. I just hope she isn’t sending the generated passphrases to her customers by e-mail or storing them on her computer. I wish her well."
But Mira understands the concerns and therefore got those covered.
"People are worried that I will take your passwords, but in reality I won’t be able to remember them. And, I don’t store them on any computer anywhere. As far as I know there is only one copy of your password. The passwords are sent by US Postal Mail which cannot be opened by the government without a search warrant."
I believe there is something more behind this story, because nothing this wide goes under radar.
The Creative Crypto is all about art on the blockchain and learning from creatives like you. Looking forward to crossing paths again soon. Steem on!Hello @anonnews, thank you for sharing this creative work! We just stopped by to say that you've been upvoted by the @creativecrypto magazine.