Need a secure password? Ask this 11-year-old girl

Eleven-year-old Mira Modi has been running an online password business online since earlier this month, according to ArsTechnica, since her mother, ProPublica journalist Julia Angwin, asked her to make Diceware passphrases as research for her new book, Dragnet Nation. As the name implies, she uses the system known as “diceware” which involves rolling “real” six-sided dice in order to generate random numbers which she then matches to an English word from a list that she keeps in a binder. Those words are then combined into a non-sensical string (“arab-tree-modish-sib-zz-riley-irene”). Then you look up the resulting five-digit number in the Diceware dictionary, which contains a numbered list of short words. Modi says there’s only one copy of every password she delivers, and they “are sent by US Postal Mail which can not be opened by the government without a search warrant”. “But I’m very excited about it and will be very responsible”. You can get your own by post for a piece. They are also easier to memorise than strings of individual characters.

If you’re still using password123 across your Web accounts, now might be a good time to find a few dice, or an extra $2. “Now we have such good computers, people can hack into anything so much more quickly”.

We all know people whose passwords are highly unoriginal, and more importantly, not very secure. Studies show that the average person has 19 passwords for their various apps, social media profiles, and financial accounts. “We’re all on the Internet now”. As she grows up, she may have a future in cryptography and operational security.

While there is not too much we can do to change how big companies operate, each of us try and make an effort to come up with a reasonably complex set of letters, numbers and symbols to keep online thieves at bay.

“I am tickled to hear this, and no, I haven’t heard of anything like it before”, Arnold Reinold told Ars.

“Obviously from a security perspective it is much better to generate your own Diceware passphrase in private, but it is unlikely she is working for the bad guys, and any effort to publicize the importance of strong passwords is for the good”, he continued.