You really shouldn't use anything from "brainwallet". It's had multiple serious vulnerabilities in the past (such as using an insecure RNG). Its anonymous author got his start creating it after being frustrated that not more people were using H(password) strings;. More recently the creator was complaining about being broke, then a few hours later asking in #bitcoin-dev for help using our crypto library to create a very high speed pubkey generator (read: brainwallet cracker).
In general you should _never_ use a "brain wallet" (at least of the kind that site promotes), humans are remarkably bad sources of randomness and often when you think you're being "random" its actually making you more predictable. Human memory is also fairly fragile and many people have spontaneously forgotten strings they used almost every day (and if you use your brain wallet every day you're going to manage to leak it)... and the structure that makes some strings easier to remember make them faster to search. Keep in mind that you may have attackers with FPGA (or asic) farms testing billions per second.
When a network service is compromised and their password database is stolen and people find out that it didn't use salted passwords everyone is up in arms calling them grossly incompetent. But brainwallets are the ultimate unsalted password ... the database is inherently public all the time, there is huge value attached, and it cannot be effectively salted (if it could: just randomly generate a key, encrypt it, and save that instead of the salt...). And yet, people who deploy unsalted passwords on private servers that later get compromised (as seems to happen to all servers eventually...) find it hard to find future employment, but in Bitcoin creating a crappy JS or python "brainwallet" tool and you're crowned a big brain on the conference circuit.
It's a strange world.
In general you should _never_ use a "brain wallet" (at least of the kind that site promotes), humans are remarkably bad sources of randomness and often when you think you're being "random" its actually making you more predictable. Human memory is also fairly fragile and many people have spontaneously forgotten strings they used almost every day (and if you use your brain wallet every day you're going to manage to leak it)... and the structure that makes some strings easier to remember make them faster to search. Keep in mind that you may have attackers with FPGA (or asic) farms testing billions per second.
When a network service is compromised and their password database is stolen and people find out that it didn't use salted passwords everyone is up in arms calling them grossly incompetent. But brainwallets are the ultimate unsalted password ... the database is inherently public all the time, there is huge value attached, and it cannot be effectively salted (if it could: just randomly generate a key, encrypt it, and save that instead of the salt...). And yet, people who deploy unsalted passwords on private servers that later get compromised (as seems to happen to all servers eventually...) find it hard to find future employment, but in Bitcoin creating a crappy JS or python "brainwallet" tool and you're crowned a big brain on the conference circuit.
It's a strange world.I would never use a brain wallet, my question was only about the safety of the tool for signing transactions (https://brainwallet.github.io/#tx). It's convenient to use for signing transactions offline since you only need a live OS and a web browser. I've been using it for about a year without issues but if I understand correctly you're saying brainwallet.org has a bad reputation and should not be used because of that... Would you recommend another similar tool?
http://bitkey.io ?
