
Topic: It took 10 seconds for the brainwallet "password1" to be taken - page 3. (Read 15329 times)

legendary
Activity: 1204
Merit: 1002
Gresham's Lawyer
1000+ years to guess at 20,000,000 guesses per second

The problem is that it might be guessed in 2 seconds, in 10 minutes or in 989 years.

It's "1000+years" to try them all.
Usual misconception about password security.

Your password is just a needle in a haystack, which the cracker attempts to find. If you add more characters the bigger the stack is, but it doesn't mean that you're 100% safer.

To make it clear:
It will take god knows how many billions of years to get all the private keys, right?
Well, a few thousand private keys will be generated in one hour, if you're one of the owners... it's just luck

"It will take 1000 years"
Maybe there are 10.000 hackers so .1 year?
Maybe each have 10 computers so .01 year?
Maybe every 12 words found in any sequence on any publicly available web page get stuffed into a rainbow table...

Have fun securing your brain wallet.
hero member
Activity: 826
Merit: 501
in defi we trust
1000+ years to guess at 20,000,000 guesses per second

The problem is that it might be guessed in 2 seconds, in 10 minutes or in 989 years.

It's "1000+years" to try them all.
Usual misconception about password security.

Your password is just a needle in a haystack, which the cracker attempts to find. If you add more characters the bigger the stack is, but it doesn't mean that you're 100% safer.

To make it clear:
It will take god knows how many billions of years to get all the private keys, right?
Well, a few thousand private keys will be generated in one hour, if you're one of the owners... it's just luck
legendary
Activity: 2884
Merit: 1117
So if I would use a sentence like:
This passphrase is the most amazing of all times
that would be a safe "password" am I right?
Now that I said the password go get my money! I'm kidding, I never used that sentence for a brainwallet so I guess there are no bitcoins in it.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
In practice, 7 words *randomly* (no cherrypicking) chosen from a 7,000 word dictionary is all you need to keep *everyone* (including government and russian hackers) away from your brainwallet. Anything longer is absolute overkill - despite anything you may hear on these forums. Many people are misinformed when it comes to choosing a proper passphrase. All you will get with longer passphrases, in practice, is a higher risk of forgetting them.

It takes literally billions (not just millions) of dollars to have a reasonable chance of cracking such a passphrase.

Please research and understand passphrase entropy if you don't agree with the above statements.

Also give the NoBrainr script a try for a bare-bones way of generating such passphrases securely.


In practice many people will not choose words randomly.  User error or users not adhering to standards/procedures is the biggest problem in these sorts of things. 

If it is done correctly each word is about 2^13 so 7 is about 2^91 possibilities.  There are 2^160 Bitcoin addresses but there is not a one-to-one relationship between private and public keys.  For each public address there is more than one private key that will unlock it once you go through the process at https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses.  I saw someone post that the number of private keys you would need is 2^96 but I could not find that calculation.
One address is "unlocked" by ~2^96 private keys

~2^256 possible private keys
~2^160 possible addresses
Hence ~2^96 private keys per address
legendary
Activity: 1638
Merit: 1001
Quote
If you try to pick 12 "random" words on your own you will fail. Humans are terrible at randomness.

Here are 12 "words" that I can remember that aren't in any dictionary

thingy
depribe
weenus
integrous
prollums
pompatous
dickfor
tigger
"xxxxxxxx" (my last name, shared by fewer than 100 people worldwide - okay, that's probably on some list)
sadistics
skullfuck
dickstain

Most people could come up with their own list - probably less twisted, immature, and pathological - but still their own list.

I could arrange my 12 "words" in several ways to make several passphrases, and I would bet all my BTC (I don't have any) on any of them.



newbie
Activity: 4
Merit: 0
Yea, I'm a bit surprised people use brain wallets in such ways.

If the private key is simply the digest of the brain wallet pass phrase, then it's susceptible to rainbow tables. Maybe if you used the number of rounds of sha256 as a sort of salt, but even then I'm not too keen on the idea. You'd have to remember quite a big number to make it reasonably harder on the attacker, which sort of defeats the purpose.
staff
Activity: 4284
Merit: 8808
What electrum does is not "12 random words" in the way that you'd produce them.  It generates a cryptographically strong 128 bit random number, and using that number selects a unique string from the set of all possible 12 word sequences (using a particular dictionary), there is a 1:1 mapping so each value is equally possible and the value has 128 bits of entropy.  It then applies a moderately computationally expensive transformation to convert that 128 bit value into the 256 bit bitcoin keys, so even an attacker who knows part of your electrum seed must do a lot of computation to check it.

If you try to pick 12 "random" words on your own you will fail. Humans are terrible at randomness.

Even most people who think they know how to choose good passwords are incorrect. The common password advice people receive is applicable to security for centralized systems like login passwords, but not Bitcoin key security, as they have entirely different threat models. (e.g. Bitcoin key security for a brain wallet is inherently unsalted: you have to worry about attackers all over the world, over all time, potentially using high speed hardware crackers, and precomputing rainbow tables).
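Added example, not part of the thread and not Electrum's code: a sketch of the seed scheme described in the post above (128 bits from a CSPRNG, a one-to-one mapping to 12 words, then a slow derivation), with a helper that also reproduces the entropy estimate for the earlier "7 words from a 7,000 word dictionary" advice. The syllable word list is constructed for the example, and PBKDF2 with a fixed salt label and 100,000 rounds is an assumption standing in for the "moderately computationally expensive transformation".

```python
import hashlib
import math
import secrets

# Constructed 2048-entry word list (pairs of consonant-vowel syllables).
# A real tool ships a curated dictionary; this is not Electrum's list.
_SYL = [c + v for c in "bdfgklmnprstvz" for v in "aeiou"]  # 70 syllables
WORDS = [a + b for a in _SYL for b in _SYL][:2048]
INDEX = {w: i for i, w in enumerate(WORDS)}


def entropy_bits(n_words: int, dict_size: int) -> float:
    """Entropy of n_words drawn uniformly and independently from dict_size."""
    return n_words * math.log2(dict_size)


def encode(seed: int, n_words: int = 12) -> list[str]:
    """Write seed in base len(WORDS): each seed gets exactly one sequence."""
    if not 0 <= seed < len(WORDS) ** n_words:
        raise ValueError("seed does not fit in n_words words")
    out = []
    for _ in range(n_words):
        seed, digit = divmod(seed, len(WORDS))
        out.append(WORDS[digit])
    return out


def decode(words: list[str]) -> int:
    """Inverse of encode(); raises KeyError for a word outside the list."""
    seed = 0
    for w in reversed(words):
        seed = seed * len(WORDS) + INDEX[w]
    return seed


def stretch(words: list[str], rounds: int = 100_000) -> bytes:
    """Slow 256-bit derivation: every candidate phrase costs `rounds` HMACs.
    The salt is a fixed label because the key must be reproducible from the
    words alone (assumption for this example)."""
    phrase = " ".join(words).encode()
    return hashlib.pbkdf2_hmac("sha256", phrase, b"example-seed-v1", rounds)


def new_seed_phrase() -> list[str]:
    """The machine, not the user, picks the words: 128 CSPRNG bits, encoded."""
    return encode(secrets.randbits(128))


if __name__ == "__main__":
    phrase = new_seed_phrase()
    print(" ".join(phrase))
    print(f"7 words of 7,000: {entropy_bits(7, 7000):.1f} bits")
    print(stretch(phrase).hex())
```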
legendary
Activity: 1092
Merit: 1016
760930
In practice, 7 words *randomly* (no cherrypicking) chosen from a 7,000 word dictionary is all you need to keep *everyone* (including government and russian hackers) away from your brainwallet. Anything longer is absolute overkill - despite anything you may hear on these forums. Many people are misinformed when it comes to choosing a proper passphrase. All you will get with longer passphrases, in practice, is a higher risk of forgetting them.

It takes literally billions (not just millions) of dollars to have a reasonable chance of cracking such a passphrase.

Please research and understand passphrase entropy if you don't agree with the above statements.

Also give the NoBrainr script a try for a bare-bones way of generating such passphrases securely.
full member
Activity: 141
Merit: 100
Here are three examples of deep brain wallets:

| Passphrase | Bitcoin address | Total volume | Comment |
|---|---|---|---|
| bitcoin is awesome | 14NWDXkQwcGN1Pd9fboL8npVynD5SfyJAE | 501 BTC | 500 BTC snatched within 36 seconds back in 2012 |
| You don't win friends with salad! | 15gCfQVJ68vyUVdb6e3VDU4iTkTC3HtLQ2 | 157.5 BTC | 3 BTC temporary lost, "How could this have happened...?" thread on Reddit - with happy end |
| 8964009 | 12vGMScGWHVDKRBPTJn8i7E9GxYXq8zaz3 | 6.5 BTC | 6.5 BTC drained in 2 seconds one month ago |

Conclusion: Don't use brain wallets if you don't know about how to choose really secure passwords.
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

surely Electrum is working.  it seems 12 random words is enough to securely create a master key.

12 words is a very long and good password in my opinion.
hero member
Activity: 793
Merit: 1026
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?

Actually, I like that password. If nobody is using it, can I have it?

16GsPwhmfrTLEqp9kVbtMXEuHztCsbYL19

Sure, there it is!

Also, KeePass has a nice plugin called "readable passphrase generator" that spits out things like

"that repentant bragger wondered the stunted one sorely will dignify amidst the cloaked tackle"

and

"Capetown announced her 241 softest emissions stackly might unhinge via the cruel intruder"

Now I don't know how much entropy those have, since they follow speakable format, but it's not nothing, and I think you can actually set it to just randomly spit out words from its dictionary in random non-phrase format.

https://readablepassphrase.codeplex.com/

full member
Activity: 168
Merit: 100
Wow. Guess I will use a long phrase with my brainwallets if I ever make one.
full member
Activity: 224
Merit: 100
1000+ years to guess at 20,000,000 guesses per second
legendary
Activity: 896
Merit: 1006
First 100% Liquid Stablecoin Backed by Gold
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?
I'm no expert but that seems woefully short.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?

Actually, I like that password. If nobody is using it, can I have it?
legendary
Activity: 1764
Merit: 1002
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

surely Electrum is working.  it seems 12 random words is enough to securely create a master key.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
so could there be a possible collision?

If you use a password to create a private key it is very easy for computers to generate the private keys and check the balance.  You need to create the private keys randomly and not from a password.  In other words, no brain wallets.  people can run large supercomputers and check passwords all day long so don't even try it.

the best way to go is use a deterministic wallet like armory or electrum.  that way you have one long key you have to save and back up.  Then all your addresses are created from that.

you really need a very strong password something like "1bH7Dt62Hu82" should be good enough no?
sr. member
Activity: 364
Merit: 253
so could there be a possible collision?
sr. member
Activity: 359
Merit: 250
Wow, didn't realise people camped out waiting for this.
hero member
Activity: 1328
Merit: 563
MintDice.com | TG: t.me/MintDice
that is crazy