Pages:
Author

Topic: Brain wallet, step-by-step guide (FIXED!)[Mod note: DO NOT USE BRAINWALLETS] - page 5. (Read 7199 times)

staff
Activity: 3458
Merit: 6793
Just writing some code
It is highly NOT RECOMMENDED to use brainwallets. Humans are a horrendously low source of entropy. There are multiple research papers and programs that show that brainwallets are horribly insecure and easily cracked as what you think is a strong password probably is not a strong password.

BIP 38 paper wallets will not be particularly helpful here. It only protects against someone stealing your paper wallet and trying to get the keys. BIP 38 does not protect against someone just guessing the password you used to create your brainwallet.
legendary
Activity: 2053
Merit: 1356
aka tonikt
All fine, but which part of this guide is actually making it "strong"? Smiley

Perhaps I can link to my other post from this forum:
https://bitcointalksearch.org/topic/m.17129122

Personally I prefer brain wallets, because I'm paranoid about having a physical backup of my keys.
But a strong password is the key to the security here - and there are many attack vectors on passwords.
Plus obviously a way to never forget it, while not having it written anywhere.
staff
Activity: 3500
Merit: 6152
I believe that your birth date , your name or your phone number are the first things that a hacker would try to use before trying to crack/brute anything so I don't really see how this could be more secure then anything else , using a random password in the other hand or something that make no sense to you may be very hard to remember over the years and you could finish by losing your coins.
full member
Activity: 224
Merit: 117
▲ Portable backup power source for mining.
(1)
Download the generator from https://bitcoinpaperwallet.com/, open it and skip randomness generation:




(2)
Use a strong passphrase, enter it into the "brain-wallet" box, ad a backslash, and add a salt (something you can easily remember but is quite unique, to prevent hackers from going after everyone at once, such as your name or phone number) type the same thing into the BIP38 encryption:




(3)
Copy the encrypted private key (6PRUVtdGSuoypYyf2hAWukGzZVrtE2b89QrXXyVXuVHRQgWA8oj4N9fumC) to the "brain-wallet" box, turn off BIP38, and create the wallet:




(4)
Use this as your brain wallet, it is more secure than a regular brain wallet because BIP38 key-stretching prevents hackers from searching quickly, and the salting in step 3 prevents hackers from attacking everyone at once.
Note that this is a way to improvise on existing software to create a secure brain wallet, a better solution would be software that automatically uses scrypt stretching for brain wallets, but this is not currently available.
EDIT: Use Warp Wallet.
Also, don't use any suggestion (specially one from a n00b like myself) for large amounts of Bitcoin until it has been adequately peer-reviewed.
Pages:
Jump to: