Sixth-grader Mira Modi has started her own business making cryptographically secure passwords using a system called Diceware.
Weak passwords are still the plague of the cybersecurity industry, with the most popular passwords of 2014 including “123456”, “password” and “qwerty”, making it easy for hackers to break into accounts and steal data. Now an 11-year-old girl from New York is offering a solution.
Sixth-grader Mira Modi has started her own business making cryptographically secure passwords and selling them for $2 a pop. She generates the passwords using a system called Diceware to create strings of words that are easy to remember but difficult to crack.
The system involves rolling a die to generate random numbers, which are matched to a list of short words from the Diceware dictionary. Those words are then combined into a non-sensical string, such as: alger klm curry blond puck horse.
These six-word passphrases contain a lot of “entropy”, or randomness, which means that it would take a powerful computer a very long time to correctly guess them. They are also easier to memorise than strings of individual characters.
Miss Modi is the daughter of ProPublica journalist Julia Angwin, author of Dragnet Nation. As part of her research for the book, Angwin employed her daughter to generate Diceware passphrases, and Modi had the idea to turn it into a small business, according to Ars Technica.
“I started this business because my mom was too lazy to roll dice so many times, so she paid me to make roll dice and make passwords for her. Then I realized that other people wanted them, too,” wrote Miss Modi on her website.
“I personally find that my Diceware passwords are surprisingly easy to remember. However, I only use a few Diceware passwords for important accounts. I use a password manager, 1Password, to create and store passwords for my less-important accounts.”
Diceware generated password, sent by US Postal MailDiceware generated password, sent by US Postal Mail.
She added that once her customers receive their hand-written passphrases in the post, they should make some small changes such as capitalising letters or adding symbols such as exclamation marks, to ensure they are truly unique.
The risk of using weak passwords has come to light in recent months, after hackers gained access to the entire database of Ashley Madison, a dating website for people who want to have affairs, and posted the names of all 37m users on the internet.
The most common passwords for the site were “123456”, “12345”, “password” and “default”. Other notable passwords included “ashley”, “ashleymadison” and “696969”.
However, even strong passwords are no guarantee against data breach. TalkTalk customers are being urged to change their passwords, and any passwords that are the same as their TalkTalk password, following last week’s cyber attack.
The inevitable happened and a CF card failed when I was filming a wedding. 3 companies told me the card had not recorded any info and that the footage was not recoverable. Someone mentioned R3 Data and I thought I’d give it one last attempt.
The service was second to none. They sent a courier to collect my card (the other companies had never physically seen my card) they kept me up to date with the process throughout and managed to return all the corrupt files intact. To be able to tell the bride all has been saved was a feeling I’ll never forget and I’ll happily use R3 again (thought hopefully not to soon).
R3 Data Recovery is rated (4.6) by 294 customer reviews on Reviews.co.uk