Pages:
Author

Topic: brain wallets - good or bad - page 4. (Read 3774 times)

member
Activity: 98
Merit: 26
November 07, 2017, 06:27:54 PM
#3
@OP:

It's just a matter of how well you trust your memory versus the value at stake. A truly secure passphrase is going to require a non-trivial amount of neurons to remember. Any phrase/saying/poetry/quote/song/etc etc. is a bad choice for a password precisely because it's not secret and the whole point of a password is to be secret. All the world's printed information could be stored in a 64-bit address space, with room to spare. But it only takes about 5 or so random words from English to attain 64-bit level security. Only random passwords which are generated locally (secret) should be considered secure. Nothing else is secure.

Here's a diceware password book I created sometime back in order to assist people in generating strong, relatively easy-to-remember passwords. Note that you can choose any bit-equivalent of security you like simply by memorizing more words - each word you memorize gives you about 10 bits of entropy. This is not a guess, either, it is a mathematical fact based on the way the password has been selected. Here's a sample password with 72-bit equivalent security, generated by consulting random.org instead of rolling a die: cook wine pea petal pear text tuba.
legendary
Activity: 4214
Merit: 1313
November 07, 2017, 06:23:06 PM
#2
ive been reading a fair amount  about brain wallets. they fascinate me

ive heard some pros and some cons. the main reason against them seems to be that

1- people use very common phrases (lyrics to songs etc)
2- people have poor memory

but if one were to use an uncommon phrase (say a foreign language idomatic expression) and they securely stored the phrase, would the brain wallet fail

additionally ive seen some brain wallets add an extra password to help the seed

given the above assumptions, at a technical level, is there reason to believe brain wallets are not to be used other than what popular opinions feel?

There is a nice discussion here:
https://bitcointalksearch.org/topic/brain-wallet-step-by-step-guide-fixedmod-note-do-not-use-brainwallets-1719563

But any idiomatic expression is almost definitely a bad idea no matter the language.
newbie
Activity: 14
Merit: 0
November 07, 2017, 03:23:02 PM
#1
ive been reading a fair amount  about brain wallets. they fascinate me

ive heard some pros and some cons. the main reason against them seems to be that

1- people use very common phrases (lyrics to songs etc)
2- people have poor memory

but if one were to use an uncommon phrase (say a foreign language idomatic expression) and they securely stored the phrase, would the brain wallet fail

additionally ive seen some brain wallets add an extra password to help the seed

given the above assumptions, at a technical level, is there reason to believe brain wallets are not to be used other than what popular opinions feel?
Pages:
Jump to: