Pages:
Author

Topic: brain wallets - good or bad - page 3. (Read 3774 times)

legendary
Activity: 2053
Merit: 1356
aka tonikt
November 17, 2017, 02:38:03 PM
#23
brain wallets are fine - don't believe the charlatans, they don't know what they talk about Smiley

just mind your password - make it long enough and impossible to guess.
member
Activity: 112
Merit: 10
November 17, 2017, 11:06:23 AM
#22
It is not a good idea to me. T never trust my memory. My brain forget everything forget everything need to remember instead of pin it on a brain note. Even you can create a brain wallet by a unique language, are you sure that you can remember it totally every case ? I don't think so unless you are a genius.
newbie
Activity: 1
Merit: 0
November 16, 2017, 11:31:35 AM
#21
In what plan to motivate to work? You can not decide on the choice of work, or you are just too lazy to go to work. If only laziness, then it will quickly pass. You have to live for something Smiley
legendary
Activity: 1624
Merit: 2481
November 16, 2017, 11:30:30 AM
#20
Generally brain wallets are always a bad idea. Humans can't generate a random password or whatsoever.
It might seem random to you, but in reality we are far far away from being random when generating passwords.
The pseudo-randomness in a human-generated password is only a fraction of the randomness of a pc-created password,
estimated enough entropy is gathered. And if you start using phrases which you can memorize easily, then it will be
pretty "easy" for an attacker to guess your phrase, if the amount of btc's stored is high enough.
member
Activity: 147
Merit: 21
November 15, 2017, 03:33:54 PM
#19
What about if a disease occurs to you and you can't remember it? You'll lose the wallet!
Not a good idea!

My thoughts about that. What if you are loosing your mind the past view years? You get something on your head in an accident and lose parts of your memory?
full member
Activity: 448
Merit: 114
November 15, 2017, 12:53:38 PM
#18
What about if a disease occurs to you and you can't remember it? You'll lose the wallet!
Not a good idea!
member
Activity: 98
Merit: 26
November 08, 2017, 07:08:57 PM
#17
Don't use non-secrets to build passwords. A non-secret is any kind of public information. Here are some examples of public information:

"To be or not to be" <-- this was published by William Shakespeare about 400 years ago
"I like big butts and I cannot lie" <-- published by Sir Mixalot about 25 years ago
3.14159265... <-- the digits of pi, an easily calculated and well-studied mathematical constant
1.618033988... <-- the digits of phi,   "   "   "

Your typical PC has a 64-bit virtual address space. All the information ever published (on paper) in the history of man could be archived into a 64-bit address space with room to spare. That means that anything that has ever been published is vulnerable to a dictionary attack in resource-feasible time and space - in other words, this is not a "purely theoretical" attack.

For this and other reasons, some cryptographers (e.g. Bruce Schneier) recommend 80-bit equivalent security for passwords, although it is safe in some conditions to fudge a little using password-strengthening techniques.

Humans are notoriously bad at generating randomness. You should not trust your intuitive sense of "mixed-upedness" when choosing a password. You should generate passwords utilizing objective randomness (e.g. a die, a hardware RNG or a CSPRNG). Since no one can store more than a certain amount of truly random information in their brain, utilize a reputable password management tool to track your passwords and choose a master password that is both within your capacity to remember and attains 80-bit level security.

The main factor in making sure you can retain your master password is to use it on a periodic basis. A random password is susceptible to loss if you just memorize it once and then never use it afterwards. I've done this and lost a lot of valuable data as a result (I've lost no wallets in this way, however).

A brain wallet is a secure way to store Bitcoins if you follow best-practice guidelines in choosing a password. You probably don't need a brain wallet, however, unless you are in a situation where you really have no safe place to store the password to your bitcoins. For example, if you live in a country ruled by a totalitarian government or if you travel across national borders frequently, it might make sense for you to keep a brain wallet. I would not use a brain wallet for cold storage, however, since you are liable to forget the password.
newbie
Activity: 14
Merit: 0
November 08, 2017, 06:49:38 PM
#16


If you must go with a brain wallet than even small passwords salted look pretty strong if using

https://keybase.io/warp



brain wallets are fun and secure
legendary
Activity: 2926
Merit: 1386
November 08, 2017, 06:32:07 PM
#15
....
ok, but "they" have to firstly know you, know your interests, try all combinations of all the interests you have, know you have Bitcoin and know they are in a brain wallet.
what about picking something you absolutely hate, or something male orientated if you are a female, it just needs to be something specific that you will remember.

The reason I have to voice an opinion on the NO side here is that I've heard a fair number of people proudly explain to me what their passwords were.

Almost always these were ridiculously easy to crack phrases, yet they didn't have a clue about that.

Humans are just plain no good at creating random.
sr. member
Activity: 377
Merit: 282
Finis coronat opus
November 08, 2017, 03:37:16 PM
#14
ok, but "they" have to firstly know you, know your interests, try all combinations of all the interests you have, know you have Bitcoin and know they are in a brain wallet.
what about picking something you absolutely hate, or something male orientated if you are a female, it just needs to be something specific that you will remember.

I would say that there a little chance someone guess your brain wallet. For example your passphrase is "IHateDogs". But, because people are similar in brain activity (most of us) someone can just try this password (with evil intent or just for fun) and will get access to your funds. So, you must use so-called "salt". For example - sha256(salt*('yourpassphrase'+'salt')) or something like that. But even with "salt" brainwallets weaker than RNG.

It just doesn't make sense from a cryptographical point of view to carry all of your coins in a single seed, which is why you should avoid brainwallets, and electrum wallets, or anything that could generate all of your keys from a single seed of any kind for that matter.

If your keys are spread across different separated private keys, you are lowering your chances of an attack by a lot. So don't use these for anything else than spare change or temporal re-allocation of btc.

It depends what algorythm you're using. Read about BIP-0039 / BIP-0044
More private keys - better defense against only in some cases. Because it harder to store and secure 3 private keys than 1 seed.

full member
Activity: 148
Merit: 106
November 08, 2017, 01:24:51 PM
#13
DEF CON 23 - Ryan Castellucci - Cracking CryptoCurrency Brainwallets

https://www.youtube.com/watch?v=foil0hzl4Pg

is an epic reminder why you should not use single hashed brainwallets.

If you must go with a brain wallet than even small passwords salted look pretty strong if using

https://keybase.io/warp

Caveat: That comes from a cryptography layman!
legendary
Activity: 1372
Merit: 1252
November 08, 2017, 12:00:49 PM
#12
i would have thought they were a great idea because there is nothing to be destroyed,
Only your brain.

once you choose a system for creating your password you are sorted.
If for example you were interested in astronomy you could combine planets in our solar system with their position from the sun,
of you could combine the birth dates of you family starting with the oldest down to the youngest.

That's a good example of bad passphrase. Anyone who knows about your passion can easily crack your wallets.


ok, but "they" have to firstly know you, know your interests, try all combinations of all the interests you have, know you have Bitcoin and know they are in a brain wallet.
what about picking something you absolutely hate, or something male orientated if you are a female, it just needs to be something specific that you will remember.

It just doesn't make sense from a cryptographical point of view to carry all of your coins in a single seed, which is why you should avoid brainwallets, and electrum wallets, or anything that could generate all of your keys from a single seed of any kind for that matter.

If your keys are spread across different separated private keys, you are lowering your chances of an attack by a lot. So don't use these for anything else than spare change or temporal re-allocation of btc.
full member
Activity: 490
Merit: 136
November 08, 2017, 10:47:36 AM
#11
i would have thought they were a great idea because there is nothing to be destroyed,
Only your brain.

once you choose a system for creating your password you are sorted.
If for example you were interested in astronomy you could combine planets in our solar system with their position from the sun,
of you could combine the birth dates of you family starting with the oldest down to the youngest.

That's a good example of bad passphrase. Anyone who knows about your passion can easily crack your wallets.


ok, but "they" have to firstly know you, know your interests, try all combinations of all the interests you have, know you have Bitcoin and know they are in a brain wallet.
what about picking something you absolutely hate, or something male orientated if you are a female, it just needs to be something specific that you will remember.
member
Activity: 266
Merit: 10
November 08, 2017, 07:51:43 AM
#10
Braine Wallets looks to be unsecure
sr. member
Activity: 377
Merit: 282
Finis coronat opus
November 08, 2017, 07:44:47 AM
#9
i would have thought they were a great idea because there is nothing to be destroyed,
Only your brain.

once you choose a system for creating your password you are sorted.
If for example you were interested in astronomy you could combine planets in our solar system with their position from the sun,
of you could combine the birth dates of you family starting with the oldest down to the youngest.

That's a good example of bad passphrase. Anyone who knows about your passion can easily crack your wallets.

I would higly not recommended brainwallets for average peoples. Passphrase is very weak if hacker knows your identity (and if it used without so-called "salt". but it rightly for all types of passwords). You can't create in your brain something which other people can't repeate in theirs.
full member
Activity: 490
Merit: 136
November 08, 2017, 06:03:37 AM
#8
i would have thought they were a great idea because there is nothing to be destroyed,
i.e paper, hard drive, hardware.
once you choose a system for creating your password you are sorted.
If for example you were interested in astronomy you could combine planets in our solar system with their position from the sun,
of you could combine the birth dates of you family starting with the oldest down to the youngest.

what is a bad idea if picking something obscure in some other language, that can be forgotten.
HCP
legendary
Activity: 2086
Merit: 4361
November 08, 2017, 05:26:10 AM
#7
but if one were to use an uncommon phrase (say a foreign language idomatic expression) and they securely stored the phrase, would the brain wallet fail
How uncommon do you a think an obscure poem written in Afrikaans would be?? Cost some guy 4 BTC back in the day...

https://www.reddit.com/r/Bitcoin/comments/1ptuf3/brain_wallet_disaster/

Brain wallets are bad, mmmKay? Don't use Brain wallets, mmmKay?
newbie
Activity: 12
Merit: 0
November 08, 2017, 05:13:08 AM
#6
brain wallet is a good choice to transfer and keep little coin. Not safe enough caused by internet.
member
Activity: 70
Merit: 10
November 08, 2017, 04:54:43 AM
#5
ive been reading a fair amount  about brain wallets. they fascinate me

ive heard some pros and some cons. the main reason against them seems to be that

1- people use very common phrases (lyrics to songs etc)
2- people have poor memory

but if one were to use an uncommon phrase (say a foreign language idomatic expression) and they securely stored the phrase, would the brain wallet fail

additionally ive seen some brain wallets add an extra password to help the seed

given the above assumptions, at a technical level, is there reason to believe brain wallets are not to be used other than what popular opinions feel?

There is a nice discussion here:
https://bitcointalksearch.org/topic/brain-wallet-step-by-step-guide-fixedmod-note-do-not-use-brainwallets-1719563

But any idiomatic expression is almost definitely a bad idea no matter the language.

good conclusion.

period.

That's why majority don't adopt brain wallet.
member
Activity: 240
Merit: 11
November 08, 2017, 02:05:13 AM
#4
For me it sounds like a terrible idea.. It surely can be safe, but I would every day think "what if someone think of the same as me" Tongue

I would be super paranoid at least..
Pages:
Jump to: