I use Lastpass, and there I have a strong password that I remember, but that means I only need to remember 1 password.
Using several brain wallets long term either means writing them down, which is dangerous, or having a great memory, or forgetting them! Unless you vary the one brain wallet you have slightly, which won't offer the protection you want.
I added a list of stuff to my website http://www.paganmind.com/_BrainWallet.html for mitigating these risks:
- You should be aware of the two greatest dangers with a brain wallet. The first is using a simple passphrase that can be discovered. The second is using a long obscure passphrase, then forgetting it.
- Go offline while creating your brainwallet. You can copy and save your public address. There is no harm in anyone having this. Make sure your passphrase is removed before going back online.
- Use a minimum of 21 characters in your passphrase. Recognizable words, regardless of length, only count as 3 characters. Common phrases only count as about 5 characters. For instance, the phrase "Goody two shoes" has 15 letters, but should be treated as about 5 letters for security purposes.
- Incorporate a large number that you are very familiar with in your passphrase.
- If you want to use several brainwallets, create your main passphrase, then append (or insert) a second set of passwords that you use with your passphrase. For instance "Passphrase♥1234:Alpha", "Passphrase♥1234:Bravo", "Passphrase♥1234:Charlie" will allow you to create a set of brainwallets that are easy to remember.
- Ever hidden something and forgotten where you hid it? It happens to the smartest of us. One of the greatest dangers with a brainwallet is using a long obscure passphrase, then forgetting it. Write down some clues to help you recover it. For instance, "Passphrase♥1234" could be written down as "Passphraselove1234" and this would help you to remember it later.
- If possible and your situation is secure, occasionally check your passphrase using the brain wallet generator. Make sure the generated address matches the address where you are storing your bitcoins. If the addresses don't match, this will give you a chance to correctly recall it before time degrades your memory any further.
In the event that this site goes offline, it is possible to use the ALT key with the numeric keypad to recreate the symbols on another brain wallet site.
- Even honest websites can be hacked and compromised. The best way to test their integrity is to compare several brain wallet sites using the same word with each one. They should all return the same results. If the sites disagree, then at least one of them has been compromised. You can also double check the HASH-256 function used to create the secret exponent. Just do a Google search of "SHA-256 Generator" and select a couple of random sites to compare.
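
The cross-check described in the last point can also be done locally and offline. The sketch below is an added example, not code from the original post or the poster's site: it computes the SHA-256 secret exponent, encodes it in wallet import format, and lists any source whose displayed exponent disagrees. The function names, the source labels and the UTF-8 encoding of the passphrase are assumptions, and the passphrase is the post's sample, not a real one.

```python
import hashlib
import hmac

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def secret_exponent(passphrase: str) -> str:
    """SHA-256 of the passphrase bytes, as lowercase hex."""
    # Assumption: the passphrase is hashed as UTF-8, so a symbol such as
    # U+2665 must be entered as the same character on every generator.
    return hashlib.sha256(passphrase.encode("utf-8")).hexdigest()

def base58check(payload: bytes) -> str:
    """Base58Check: payload plus the first 4 bytes of its double SHA-256."""
    raw = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as the character '1'.
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out

def wif(exponent_hex: str) -> str:
    """Uncompressed wallet import format: version byte 0x80 plus the key."""
    return base58check(b"\x80" + bytes.fromhex(exponent_hex))

def disagreeing_sources(passphrase: str, reported: dict) -> list:
    """Names of sources whose displayed exponent differs from the local one."""
    local = secret_exponent(passphrase)
    return sorted(
        name for name, value in reported.items()
        if not hmac.compare_digest(value.strip().lower(), local)
    )

if __name__ == "__main__":
    phrase = "Passphrase\u26651234:Alpha"  # sample from the post
    local = secret_exponent(phrase)
    # Constructed sample: values as they might be copied from two generators.
    reported = {"generator-a": local.upper(), "generator-b": "00" * 32}
    print("secret exponent:", local)
    print("WIF:", wif(local))
    print("disagree:", disagreeing_sources(phrase, reported))
```

Run it on the offline machine used to create the wallet, so the passphrase never reaches a website.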