
Topic: Major Brainwallet Problem (Read 1589 times)

hero member
Activity: 504
Merit: 500
September 06, 2013, 08:00:54 AM
#9
The problem is that with brainwallets you need to use your brain, especially the cerebral cortex.
 
Amazing. There are over 2.500 transactions on this address.
"change this passphrase" would be better but probably some people would use it also.
legendary
Activity: 3640
Merit: 1571
September 05, 2013, 05:43:28 PM
#8
Major Brain Problem
full member
Activity: 196
Merit: 100
September 05, 2013, 02:43:52 PM
#7
This was pretty thoroughly discussed here https://bitcointalksearch.org/topic/if-you-used-brainwalletorg-must-read-security-breach-251037

TL;DR brainwallets are just a tool, but you need to be very sure of what you are doing to create a secure passphrase. If you don't understand why this is the case, then you should not use them. Easy to get burned and lose your coins.
sr. member
Activity: 672
Merit: 254
September 05, 2013, 09:23:29 AM
#6
Default pass should be "change this passphrase now else say bye bye to your coins"
full member
Activity: 238
Merit: 100
September 05, 2013, 09:16:27 AM
#5
The address is generated from a password, "correct horse battery staple" in this case. That's the whole point of a brain wallet.

Use your own secure password, get your own brainwallet.

I know.  The problem is it gives a default to start with.  It should not allow you to use the default.

Anyone can create the keys (see http://www.xorbin.com/tools/sha256-hash-calculator) and use them in any wallet, so there is no way to "stop" anyone from using a specific key. I saw this on reddit and I checked out the address. I posted this in another thread and someone pointed me here since we posted about 90 seconds apart on the same subject. If I try to import this key into Armory it crashes it when it tries to scan the transactions. I imported it into blockchain.info wallet and then I started getting all these notices of dust transactions.

I know, I just find it distasteful to spread a private key without telling people on the website that thousands of other people have the same key.
full member
Activity: 238
Merit: 100
September 05, 2013, 09:01:29 AM
#4
The address is generated from a password, "correct horse battery staple" in this case. That's the whole point of a brain wallet.

Use your own secure password, get your own brainwallet.

I know.  The problem is it gives a default to start with.  It should not allow you to use the default.
full member
Activity: 238
Merit: 100
September 05, 2013, 08:56:18 AM
#3
What's the problem? It's common sense to not use easy passphrases.
full member
Activity: 130
Merit: 100
September 05, 2013, 08:52:16 AM
#2
The address is generated from a password, "correct horse battery staple" in this case. That's the whole point of a brain wallet.

Use your own secure password, get your own brainwallet.
full member
Activity: 238
Merit: 100
September 05, 2013, 08:36:29 AM
#1
Hey guys,

I found a major, major problem with brainwallet.org.

It seems that the wallet always generates the private key/address pair of 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T by default.

The private key is the sha256 of "correct horse battery staple".

Check the block chain for 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T and you will find hundreds if not thousands of transactions and double spend attempts.

It appears lots of people have been actually using this address.  I don't know who the creator of brainwallet is, but they should be informed.
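
The derivation described in the first post, as an added example that is not part of the thread or of brainwallet.org's code: it hashes the passphrase with a single unsalted SHA-256, encodes the result as an uncompressed WIF, and shows the check a generator could run before accepting a passphrase. The function names and the denylist are hypothetical; the denylist entries are taken from phrases mentioned in this thread.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(payload: bytes) -> str:
    """Append the first 4 bytes of double SHA-256 as a checksum, then base58-encode."""
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is represented by a leading '1'.
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out

def brainwallet_wif(passphrase: str) -> str:
    """Private key = SHA-256(passphrase), with no salt and no key stretching.
    Encoded as an uncompressed mainnet WIF (version byte 0x80)."""
    secret = hashlib.sha256(passphrase.encode("utf-8")).digest()
    return base58check(b"\x80" + secret)

# Values quoted in the first post of the thread.
DEFAULT_PHRASE = "correct horse battery staple"
PAGE_WIF = "5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS"

# Hypothetical denylist for this example: the site default plus the
# replacement default proposed in the thread, which would be just as public.
DENYLIST = {DEFAULT_PHRASE, "change this passphrase"}

def is_publicly_known(passphrase: str) -> bool:
    """True if the phrase (ignoring case and extra whitespace) is on the denylist."""
    return " ".join(passphrase.lower().split()) in DENYLIST

def generate(passphrase: str) -> str:
    """Refuse to hand out a key that every other visitor can also derive."""
    if is_publicly_known(passphrase):
        raise ValueError("passphrase is publicly known; the key would be shared")
    return brainwallet_wif(passphrase)

if __name__ == "__main__":
    # The mapping is deterministic: the default phrase always yields the posted key.
    print(brainwallet_wif(DEFAULT_PHRASE) == PAGE_WIF)
    try:
        generate(DEFAULT_PHRASE)
    except ValueError as exc:
        print("rejected:", exc)
```

Because the mapping has no salt, the same passphrase gives the same key for every user, which is why a prefilled default ends up shared by everyone who does not change it.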