Topic: How's this for a brainwallet idea? (Read 1098 times)
and even if I did have friends who were into BTC, they wouldn't know if I posted on this forum, as obviously I'm not using my real name.
I'm the OP & I know for certain that my friends aren't active in this forum; none of them would even have heard of BTC, in fact, I think I could go as far as saying, most of them wouldn't know how to switch a computer on 
If they were people that were into BTC, I obviously wouldn't have posted something like this on a bitcoin forum.
If they were people that were into BTC, I obviously wouldn't have posted something like this on a bitcoin forum. 
We are talking about people brute forcing brain wallets, not targeted attacks. Of course the same rules don't apply to personal security. That's not the discussion.
Are we? Do you know that none of OPs friends is active in this forum?
Brain wallets with this type of information are intrinsically almost crack-proof.
What type of information? Numbers?The first represents a string of characters that means nothing to anyone, other than my brain, because I've memorized it.
The first what? OP was talking about phonenumbers, where do you get characters from?
People like you are the reason why paid Signatures are frowned upon.
You post here without reference after over 3 weeks of silence. Twice in a few minutes. The topic is over, you dont contribute anything new, but your opinion.
Brain wallets with this type of information are intrinsically almost crack-proof. The first represents a string of characters that means nothing to anyone, other than my brain, because I've memorized it.
Before getting a brain wallet, hash it like 100 times. Use a random number and remember it
Use a new deck of cards ...shuffle ( lots )...role 45 cards,.. 5h-2d-Ks-7c-Ah....... thats your random passphrase
number the cards with marker on the back....put cards in case...store in safe place...
Deck of cards brain wallet..!
There are threads on this and dice for wallet generation..
Now memorize the cards order....and burn the deck ...
number the cards with marker on the back....put cards in case...store in safe place...
Deck of cards brain wallet..!
There are threads on this and dice for wallet generation..
Now memorize the cards order....and burn the deck ...
As my grandmother would say, "... and if your friends jumped off a cliff, would you do it too."
https://xkcd.com/1170/
I would, if its the majority, chances are they have a good reason to jump off that cliff. Plus, they are my friends after all.
Brainwallet is a bad idea. What will you do if you forgot your phrase?
As my grandmother would say, "... and if your friend jumped off a cliff, would you do it too."
Flashman, you mention about limiting myself to 10 numerals in a passphrase, but surely a lot of people use dice rolls which is limiting themselves to only 6 numerals?
Awesome idea, please put at least 10 BTC in it right away so it's worth my trouble
But seriously, there are several problems here...
i) You've come up with a formula, a set of rules for creating a brainwallet phrase.... computers really like formulas and sets of rules, they avoid all that wasted effort of truly random guessing.
ii) You've told us what it is.... Which depending how devious you are might be only a weeks headstart, or a couple of years. Odds are some smartass or several smartasses came up with the idea already and through analyzing lists of "real world" passwords obtained from various website hacks, crackers can spot new trends in "good ways to make a password/phrase". So eventually the secret is out anyway.
iii) Phone numbers aren't as "random" as you would like to think. If I knew you were using phone numbers, of friends no less, then there are various deductions and assumptions that can be made to knock six or seven zeroes off the end of the number of combinations that can be tried.
iv) Even if you changed your strategy and decided to pick phone numbers of "people that stick in your mind" who you have no "obvious" connection with, you may escape the risk of a "targeted" attack, (i.e. knowing your strategy and going specifically for YOUR coins.) and become the victim of a "general" attack... in that some cracker somewhere may decide it's worth burning the cycles (Potentially his supercomputer dwarfing botnet) to rob anyone and everyone daft enough to limit themselves to only the 10 numerals in a brainwallet passphrase.... Yup it's maybe not worth spending a notional $50,000 worth of computer time to crack YOUR brainwallet, but it's maybe worth spending a notional $50,000 to sweep every wallet protected only by a few numbers.
v) There's probably somebody you know, who knows you know those numbers and can make a shortlist of about 10 you are most likely to use, and can have your bitcoin in a couple of hours manual guessing.
But seriously, there are several problems here...
i) You've come up with a formula, a set of rules for creating a brainwallet phrase.... computers really like formulas and sets of rules, they avoid all that wasted effort of truly random guessing.
ii) You've told us what it is.... Which depending how devious you are might be only a weeks headstart, or a couple of years. Odds are some smartass or several smartasses came up with the idea already and through analyzing lists of "real world" passwords obtained from various website hacks, crackers can spot new trends in "good ways to make a password/phrase". So eventually the secret is out anyway.
iii) Phone numbers aren't as "random" as you would like to think. If I knew you were using phone numbers, of friends no less, then there are various deductions and assumptions that can be made to knock six or seven zeroes off the end of the number of combinations that can be tried.
iv) Even if you changed your strategy and decided to pick phone numbers of "people that stick in your mind" who you have no "obvious" connection with, you may escape the risk of a "targeted" attack, (i.e. knowing your strategy and going specifically for YOUR coins.) and become the victim of a "general" attack... in that some cracker somewhere may decide it's worth burning the cycles (Potentially his supercomputer dwarfing botnet) to rob anyone and everyone daft enough to limit themselves to only the 10 numerals in a brainwallet passphrase.... Yup it's maybe not worth spending a notional $50,000 worth of computer time to crack YOUR brainwallet, but it's maybe worth spending a notional $50,000 to sweep every wallet protected only by a few numbers.
v) There's probably somebody you know, who knows you know those numbers and can make a shortlist of about 10 you are most likely to use, and can have your bitcoin in a couple of hours manual guessing.
Oh right, thanks.
cp1, Why 51 characters?
Because that's what a private key is.
cp1, Why 51 characters?
As long as u dont forget or miss/mix any numbers.
why 51? I've heard 62 or 100.
Just write down 51 characters and use that instead.
i think this would be an easy way to lose a wallet forever. what happens if you forget 1 digit in this number and cant htink of it or what number commes first or last. i think this would be just as good as any pasphrase you right down to remember.
I've thought of putting a long list of my friend's phone numbers as the passphrase for a brain wallet. Would that be sensible? If I lost my private keys and/or paper wallet, I will always remember these numbers.
Jump to: