RIP. Use electrum or something else. Web-based wallets are so insecure.
No, you're completely missing the point. The problem is not that it's insecure. There are web-based implementations of Electrum (not called Electrum, but exact same technology). The problem is that the key generation method for a BrainWallet is completely flawed (in both theory and implementation). It doesn't matter that it's web based. Yes, web based wallets are less secure. But a well-implemented web wallet can beat out a shitty desktop wallet any day. Green Wallet is a great example of a great implementation, because their code is very JS-based, and very little actually happens server-side.
And then when the website is hacked to look the same, but it is replaced with an address logger, etc? Or the site operator goes rogue and installs a background decrypter to a "secure" wallet and then cashes everyone out?
Lesson, don't put more bitcoin in a web wallet, exchange, or web-generated address than you can afford to lose. The same warning can even be made for regular bitcoin wallets if they are used on your virused keylogged rootkitted backdoored RATted Java, PDF, and Flash 0-day Internet browsing machine.
Here's a foreshadowing quote I made that amuses me:
...
I echo the sentiment that it is not worth developing any kind of "brain" based wallet, and that people who trust people to make their own passphrases are not people to be trusted with people's passphrases.
I had contemplated making a brainphrase-to-deterministic-wallet creator, but even if it used ten minutes of GPU time hashing through various combined key derivation functions per passphrase, it still could not be secure, being limited by the unbounded inventiveness of dummies using easily guessable passwords.
