Pages:
Author

Topic: It took 10 seconds for the brainwallet "password1" to be taken - page 3. (Read 15343 times)

legendary
Activity: 1204
Merit: 1002
Gresham's Lawyer
1000+ years to guess at 20,000,000 guesses per second

The problem is that it might be guessed in 2 seconds , in 10 minutes or in 989 years.

It's "1000+years" to try them all.
Usual misconception about password security.

Your password is just a needle in a haystack,which the cracker attempts to find.If your add more characters the bigger the stack is , but it doesn't mean that you're 100% safer.

To make it clear:
It will take god knows how many billions years to get all the private keys right?
Well , a few thousands private keys will be generated in one hour , if you're one of the owners... it's just luck Smiley

"It will take 1000 years"
Maybe there are 10.000 hackers so .1 year?
Maybe each have 10 computers so .01 year?
Maybe every 12 words found in any sequence on any publicly available web page get stuffed into a rainbow table...

Have fun securing your brain wallet.
hero member
Activity: 826
Merit: 501
in defi we trust
1000+ years to guess at 20,000,000 guesses per second

The problem is that it might be guessed in 2 seconds , in 10 minutes or in 989 years.

It's "1000+years" to try them all.
Usual misconception about password security.

Your password is just a needle in a haystack,which the cracker attempts to find.If your add more characters the bigger the stack is , but it doesn't mean that you're 100% safer.

To make it clear:
It will take god knows how many billions years to get all the private keys right?
Well , a few thousands private keys will be generated in one hour , if you're one of the owners... it's just luck Smiley
legendary
Activity: 3066
Merit: 1129
So if  would use a sentence like:
This passphrase is the most amazing of all times
that would be a safe "password" am I right?
Now that I said the password go get my money! I'm kidding, I never used that sentence for a brainwallet so I guess there are no bitcoins in it.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
In practice, 7 words *randomly* (no cherrypicking) chosen from a 7,000 word dictionary is all you need to keep *everyone* (including government and russian hackers) away from your brainwallet. Anything longer is absolute overkill - despite anything you may hear on these forums. Many people are misinformed when it comes to choosing a proper passphrase. All you will get with longer passphrases, in practice, is a higher risk of forgetting them.

It takes literally billions (not just millions) of dollars to have a reasonable chance of cracking such a passphrase.

Please research and understand passphrase entropy if you don't agree with the above statements.

Also give the NoBrainr script a try for a bare-bones way of generating such passphrases securely.


In practice many people will not choose words randomly.  User error or users not adhering to standards/procedures is the biggest problem in these sorts of things. 

If it is done correctly each word is about 2^^13 so 7 is about 2^^91 possibilities.  There are 2^^160 Bitcoin addresses but there is not a one-to-one relationship between private an public keys.  For each public address there is more than one private key that will unlock it once you go through the process at https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses.  I saw someone post that the number of private keys you would need is 2^^96 but I could not find that calculation. 
One address is "unlocked" by ~2^96 private keys

~2^256 possible private keys
~2^160 possible addresses
Hence ~2^96 private keys per address
legendary
Activity: 1638
Merit: 1001
Quote
If you try to pick 12 "random" words on your own you will fail. Humans are terrible at randomness.

Here are 12 "words" that I can remember that aren't in any dictionary

thingy
depribe
weenus
integrous
prollums
pompatous
dickfor
tigger
"xxxxxxxx" (my last name, shared by fewer than 100 people worldwide - okay, that's probably on some list)
sadistics
skullfuck
dickstain

Most people could come up with their own list - probably less twisted, immature, and pathological - but still their own list.

I could arrange my 12 "words" in several ways to make several passphrases, and I would bet all my BTC (I don't have any) on any of them.



newbie
Activity: 4
Merit: 0
Yea, I'm a bit surprised people use brain wallets in such ways.

If the private key is simply the digest of the brain wallet pass phrase, then it's susceptible to rainbow tables. Maybe if you used the number of rounds of sha256 as a sort of salt, but even then I'm not too keen on the idea. You'd have to remember quite a big number to make it reasonably harder on the attacker, which sort of defeats the purpose.
staff
Activity: 4284
Merit: 8808
What electrum does is not "12 random words" in the way that you'd produce them.  It generates a cryptographically strong 128 bit random number, and using that number selects a unique string from the set of all possible 12 word sequences (using a particular dictionary), there is a 1:1 mapping so each value is equally possible an the value has 128 bits of entropy.  It then applies a moderately computationally expensive transformation to convert that 128 bit value into the 256 bit bitcoin keys, so even an attacker who knows part of your electrum seed must do a lot of computation to check it.

If you try to pick 12 "random" words on your own you will fail. Humans are terrible at randomness.

Even most people who think they know how to choose good passwords are incorrect. The common password advice people receive is applicable to security for centralized systems like login passwords, but not Bitcoin key security, as they have entirely different threat models. (e.g. Bitcoin key security for a brain wallet is inherently unsalted: you have to worry about attackers all over the world, over all time, potentially using high speed hardware crackers, and precomputing rainbow tables).
legendary
Activity: 1120
Merit: 1016
090930
In practice, 7 words *randomly* (no cherrypicking) chosen from a 7,000 word dictionary is all you need to keep *everyone* (including government and russian hackers) away from your brainwallet. Anything longer is absolute overkill - despite anything you may hear on these forums. Many people are misinformed when it comes to choosing a proper passphrase. All you will get with longer passphrases, in practice, is a higher risk of forgetting them.

It takes literally billions (not just millions) of dollars to have a reasonable chance of cracking such a passphrase.

Please research and understand passphrase entropy if you don't agree with the above statements.

Also give the NoBrainr script a try for a bare-bones way of generating such passphrases securely.
full member
Activity: 141
Merit: 100
Here are three examples of deep brain wallets:

PassphraseBitcoin addressTotal volumeComment
bitcoin is awesome14NWDXkQwcGN1Pd9fboL8npVynD5SfyJAE501 BTC500 BTC snatched within 36 seconds back in 2012
You don't win friends with salad!15gCfQVJ68vyUVdb6e3VDU4iTkTC3HtLQ2157.5 BTC3 BTC temporary lost, "How could this have happened...?" thread on Reddit - with happy end
896400912vGMScGWHVDKRBPTJn8i7E9GxYXq8zaz36.5 BTC6.5 BTC drained in 2 seconds one month ago

Conclusion: Don't use brain wallets if you don't know about how to choose really secure passwords.
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

surely Electrum is working.  it seems 12 random words is enough to securely create a master key.

12 words is a very long and good password in my opinion.
hero member
Activity: 793
Merit: 1026
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?

Actually, I like that password. If nobody is using it, can I have it?

16GsPwhmfrTLEqp9kVbtMXEuHztCsbYL19

Sure, there it is!

Also, KeePass has a nice plugin called "readable passphrase generator" that spits out things like

"that repentant bragger wondered the stunted one sorely will dignify amidst the cloaked tackle"

and

"Capetown announced her 241 softest emissions stackly might unhinge via the cruel intruder"

Now I don't know how much entropy those have, since they follow speakable format, but it's not nothing, and I think you can actually set it to just randomly spit out words from its dictionary in random non-phrase format.

https://readablepassphrase.codeplex.com/

full member
Activity: 168
Merit: 100
Wow. Guess I will use a long phrase with my brainwallets if i ever make one.
full member
Activity: 224
Merit: 100
1000+ years to guess at 20,000,000 guesses per second
legendary
Activity: 896
Merit: 1006
First 100% Liquid Stablecoin Backed by Gold
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?
I'm no expert but that seems woefully short.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?

Actually, I like that password. If nobody is using it, can I have it?
legendary
Activity: 1764
Merit: 1002
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

surely Electrum is working.  it seems 12 random words is enough to securely create a master key.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
so could there be a possible collision?  Huh

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that was you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?
sr. member
Activity: 364
Merit: 253
so could there be a possible collision?  Huh
sr. member
Activity: 359
Merit: 250
Wow, didn't realise people camped out waiting for this.
hero member
Activity: 1328
Merit: 563
MintDice.com | TG: t.me/MintDice
that is crazy
Pages:
Jump to: