How an 11-Year-Old Entrepreneur Is Helping People Create Safer Passwords
Entrepreneur's New Year’s Guide
Eleven-year-old budding entrepreneur Mira Modi is on a roll peddling passwords.
The enterprising New York City sixth-grader began selling passwords that she generates by rolling dice to her friends and family for fun. Last month, she decided to take her business to the next level online. The result is dicewarepasswords.com, her first ecommerce endeavor.
Her sales pitch is too good not share in full -- particularly impressive considering her age:
Buying a password seems crazy. But trying to make your own passwords is even crazier. C’mon – admit it, your passwords could be better. Instead of 12345 or password, your passwords could be longer, stronger, and more unique.
That’s where I come in. Using a proven methodology, I build long, strong, memorable passwords using strings of words from the dictionary that I select using dice. This method has been endorsed by no less an authority than the XKCD comic.
Now, less than a month since its launch, Modi’s online shop is buzzing, fetching media attention on TV, online and in print. Of course, it doesn’t hurt that Modi’s mother is Julia Angwin, a Pulitzer Prize-winning veteran investigative security reporter for ProPublica, formerly of the Wall Street Journal. She is also the author of Dragnet Nation (Times Books, 2014), a deep dive into computer and network surveillance.
Two weeks ago Modi told Ars Technica she’d sold “around 30” passwords in all, counting online and in-person sales. Two days after the Ars Technica piece published, she said she was working her way through 500 orders. Each password takes about 10 minutes to make.
"Any plans on my weekends have now been canceled,” she told the New York Daily News. “My entire weekends go to this. During the weekdays I really don't have much time since I have to do homework."
Angwin declined to comment to Entrepreneur on her daughter’s business.
Angwin says her daughter first became interested in passwords while she herself was researching what makes a great password. Modi puts it a little differently. She joked that it was because her mom was “too lazy to roll the dice” as part of a password generation method called Diceware that she discovered in her book research.
After her mom’s book published, Modi went to work creating and selling passwords using the technique at various book-promotion events, during which she seems to have learned one very valuable business lesson:
“I think it’s fun making passwords,” Modi told Great Big Story. “I mean, I don’t like to do it from 9 a.m. to 10 o’clock at night, but that’s what comes with having a business. You do the orders. You don’t just get money for doing nothing.”
The budding businessperson, who also keeps busy doing dance and gymnastics, per Ars Technica, creates each password by hand by herself using the exceptionally secure Diceware system we touched on above. Invented by Arnold Reinhold, the simple, yet time-consuming technique is used to build unique passphrases and other virtually unhackable cryptographic variables.
It’s not child’s play, but Modi’s mastered it.
Carefully following the method, she rolls a pair of baby blue six-sided die 30 times. The numbers she strings together in the process correspond with specific letter clusters and words within the official Diceware word list. The final product is a random, six-word password that she claims is “very secure.” Her passwords “have a lot of entropy,” she says, “which means it’s not easy for the computer to hack.”
While Mira stands by the security of her passwords, she suggests that her customers put their own personal touch on them before using them. “Once you get your passwords you need to make some changes,” she notes on her website, “such as capitalizing some letters and/or adding symbols such as exclamations. This way it’s not the exact same one that I gave you.”
A weekend's worth of Diceware Password orders ready to ship out! pic.twitter.com/SbfQziImat— Julia Angwin (@JuliaAngwin) November 2, 2015
Finishing the job, Modi scribbles her custom passwords down on paper in pen and mails them to her customers in opaque white envelopes. Snail mail might not sound like the safest (or most modern) way to deliver proprietary information -- the sensitive stuff of our Facebook, Snapchat and online banking logins -- but it circumvents the NSA. And that’s half the point. As Modi points out on her website, U.S. postal mail “cannot be opened by the government without a search warrant.” Clearly, she’s done her homework.
“Some people say being popular in school is, like, the best thing ever,” says Modi, “but I think this is so much better. People actually learn from this and that’s good.”
We couldn’t agree more. You’re really on a roll, kid. Keep it up.