The lyrics of a song, a quote, or, for that matter, any sentence that makes sense, are very insecure.
Yes - that is what one should assume making a password that will protect his life's savings.
That's what I assume...
But I'm still dying to see any research that would approach a problem of cracking brain wallets passwords being a "sentences that makes sense".
Let me give you few examples:
I met a girl, her name was Marlena Witchenberg, I asked her out and she said NO.
When I was a kid my dad used to take me out for fishing - to a place called Bloodrocks
One day I will be a milioner, because the only one bitcoin I own will be worth more than 1 million :)
These are all sentences - grammatically correct and quite easy to remember if they have sentimental value for you.
But according to my knowledge and understanding, as of today, they are (were, before I posted them) impossible to crack.
There is loads of research to be done, before anyone can even start cracking these kind of wallets.
Obviously it cannot be done by a man thinking of sentences and typing them in - he would die behind the keyboard with zero hits.
But there is no software that can brute-force "sentences that make sense", preferably only those that have a sentimental value to a targeted person.
Even if there is some software like that, it is not very fast, because creating all kind of "sentences that make sense" is a very complex problem to solve by a machine.
For a machine, it might actually be easier to reverse the EC multiplication function.