Pages:
Author

Topic: What characteristics make a solid brain wallet? (Read 3835 times)

legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
November 09, 2013, 04:30:35 PM
#26

Which has >200 entropy and is basically impossible to crack,


Log2(200) is ~ 8.
sr. member
Activity: 938
Merit: 255
SmartFi - EARN, LEND & TRADE
Really long memorable phrase
sr. member
Activity: 247
Merit: 250
Cosmic Cubist
Well, personally, I don't want to have to trust any computer-based RNGs, and I also don't trust any naive notions regarding which methods for generating/obfuscating a short-ish passphrase are "sufficiently obscure" yet "easy to remember," so instead, I use Diceware to compute a truly random, 10- or 20-word brainwallet passphrase, calculate its Bitcoin address on an offline computer, print everything out in multiple paper copies which are safely hidden away (since I also don't trust any digital media to stay readable), and, for the coldest cold-storage wallets, never, EVER enter the sensitive data (passphrase or private key) into ANY online computer.  If the passphrase is 20 words long (100 die rolls), this method gives you a full 256 bits of entropy, which is as secure as any Bitcoin address can be, but a 20-word phrase is much easier (in a pinch) to memorize, or to read over the phone to someone, than a random string of letters and numbers would be.  My full method is described at:

http://minetopics.blogspot.com/2013/03/ultimate-bitcoin-security.html
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
One easy trick I use is to take a common phrase you might not forget.
Then replace, in all subsequent words, any occurrence of character appearing in the first word with 'a', 'b', 'c', 'd', etc.

For example:
One must be poor to know the luxury of giving

becomes:
One must ba pbcr td kefw thg luxury hf giviig

Which has >200 entropy and is basically impossible to crack, yet pretty easy to remember (one common phrase+one transformation method).
Of course, the transformation method is up to you, this is just an example, but it needs to remain easy enough.




full member
Activity: 237
Merit: 101
6. Burn truecrypt traveler exe, bitaddress.org html file, encrypted file, onto a CD/DVD.

I think optical media is only expected to last for 10 years or so before the plastic starts breaking down. Some USB sticks are also only guaranteed to retain their data for 10 years (or less!). It's something to keep in mind if you are going for very long term storage, physically written down/engraved seems to be the safest bet.

I just finished migrating data from over 50 CD-Rs that we're all going on 20 years old. They were all OK. FWIW.
member
Activity: 168
Merit: 10
when using correctly spelled words and numbers as a separate element, your password would be easier to crack

try
america banana cast dominican equator frenchfry guacamole honduras 12345678
as
4m3r1c4 64n4n4 c45t d0m1n1c4n 3qu4t0r fr3nchfry gu4c4m0le h0ndur45 12345678

and if you want something to remember long term.. choose a book and a book page and line and the use that as your passphrase were some of the letters are made into numbers

Eg

c4ll m3 15hm43l 50m3 y34r5 490 h4v1n9 l1ttle 0r n0 m0n3y

who would of known knowing 1337 would pay off  Cheesy

good trick for an easy to remember strong password

Someone watches Person Of Interest Smiley.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
when using correctly spelled words and numbers as a separate element, your password would be easier to crack

try
america banana cast dominican equator frenchfry guacamole honduras 12345678
as
4m3r1c4 64n4n4 c45t d0m1n1c4n 3qu4t0r fr3nchfry gu4c4m0le h0ndur45 12345678

and if you want something to remember long term.. choose a book and a book page and line and the use that as your passphrase were some of the letters are made into numbers

Eg

c4ll m3 15hm43l 50m3 y34r5 490 h4v1n9 l1ttle 0r n0 m0n3y

who would of known knowing 1337 would pay off  Cheesy

good trick for an easy to remember strong password
sr. member
Activity: 308
Merit: 250
Jack of oh so many trades.
6. Burn truecrypt traveler exe, bitaddress.org html file, encrypted file, onto a CD/DVD.

I think optical media is only expected to last for 10 years or so before the plastic starts breaking down. Some USB sticks are also only guaranteed to retain their data for 10 years (or less!). It's something to keep in mind if you are going for very long term storage, physically written down/engraved seems to be the safest bet.
full member
Activity: 153
Merit: 100
Eight random words in two different languages should suffice, yeah?

Not anymore, since you've just given the world a hint to your passphrase.

Really?

Which 2 languages?

The Oxford Dictionary has more than 170,000 words. There are at least 85,000 in the Chinese dictionary.

Assuming we don't know how many words from each language are in use that equals 255,000 ^ 8 or 17,878,000,000,000,000,000,000,000,000,000,000,000,000,000 combinations.

And that's assuming we correctly guessed which two languages are in use.

Ready to get started brute-forcing?  Grin

I'll take that as a yes then, and I'll make it nine or ten words just to be sure. Or will I?

Cheers.
sr. member
Activity: 308
Merit: 250
Jack of oh so many trades.
Eight random words in two different languages should suffice, yeah?

Not anymore, since you've just given the world a hint to your passphrase.

Really?

Which 2 languages?

The Oxford Dictionary has more than 170,000 words. There are at least 85,000 in the Chinese dictionary.

Assuming we don't know how many words from each language are in use that equals 255,000 ^ 8 or 17,878,000,000,000,000,000,000,000,000,000,000,000,000,000 combinations.

And that's assuming we correctly guessed which two languages are in use.

Ready to get started brute-forcing?  Grin
legendary
Activity: 1974
Merit: 1030
Do you remember your passwords from 10 years ago right now?

Yeah for example one of them was o8ZKldMvp9, 14 years ago. I used to use it on a daily basis Smiley.


one difficult-to-measure parameter of a brain wallet is how well you are able to remember the pass phrase.

The trick to this is remembering it every single day, as part of some daily routine like washing your teeth for example. At first you'll need to write it down somewhere and read it to remember it but day after day you'll realize that you don't need the paper anymore. Mind you, you need to be religious about it. That's the actually difficult part, not the passphrase in and of itself. Feel free to go for 20 words if you follow this route, you'll memorize them with little effort.
b!z
legendary
Activity: 1582
Merit: 1010
Eight random words in two different languages should suffice, yeah?

Not anymore, since you've just given the world a hint to your passphrase.
sr. member
Activity: 333
Merit: 252
one difficult-to-measure parameter of a brain wallet is how well you are able to remember
the pass phrase. May be you are "pretty sure" to have it right now, but you memory
may not be as good in a year, in 10 years ... Do you remember your passwords from 10 years ago right now?
Of course it's not as much of a problem if it's for a short time.
full member
Activity: 153
Merit: 100
Eight random words in two different languages should suffice, yeah?
legendary
Activity: 1120
Merit: 1016
090930
Hey guys,

I am looking for a solution where I can store my Bitcoins with a brain wallet pass phrase.

I am looking for tips on what characteristics make a good brain wallet, and how many words it should be.

How secure is this?

Would something along the lines of:

america banana cast dominican equator frenchfry guacamole honduras 12345678

How safe is that?

Also, can you please give me some tips on how I can create a safe brain wallet. Right now the stereotype is that brain wallets are not safe, but its not that they aren't safe, its that the passwords people choose are not safe. So I would like to get some input.

SHA256  a certain page of a book

No... Good way to get your btc stolen.
hero member
Activity: 642
Merit: 500
Evolution is the only way to survive
Hey guys,

I am looking for a solution where I can store my Bitcoins with a brain wallet pass phrase.

I am looking for tips on what characteristics make a good brain wallet, and how many words it should be.

How secure is this?

Would something along the lines of:

america banana cast dominican equator frenchfry guacamole honduras 12345678

How safe is that?

Also, can you please give me some tips on how I can create a safe brain wallet. Right now the stereotype is that brain wallets are not safe, but its not that they aren't safe, its that the passwords people choose are not safe. So I would like to get some input.

SHA256  a certain page of a book
sr. member
Activity: 308
Merit: 250
Jack of oh so many trades.
Are you sure you will be arble to correctly recall the 12 random words from Electrum in, say, 10 years time?

Why not use something you've been already remembering for years?
Say, surnames(or nicknames) of your (girl/boy/best)friends, in chronological order.

There are a lot of surnames, so they have bigger entropy than words from Electrum (unless your friends are all Koreans Smiley), so you don't even need 12 names. Since password attacks are directed not personally at you, but at the whole population, it seems to be quite safe way. And if you keep your private life private, even attack directed personally at you won't be successful.

I agree with this. It's easy to look at the OP's suggestion and say "it's all tropically-themed and the number at the end is easy to guess!", but how would anyone know what to look for without seeing it first?

Could a computer be programmed to brute-force using themed sets? What if the OP threw in a single word that didn't fit the theme--would the computer not guess that combination because it's only looking for themes? What if the number came before the last word?

I believe "try all possible combinations of themed words, of all possible lengths, and then try each possible theme set with a random non-themed word put in, in each position... and try a list of common numbers, of all common lengths, added to each position..." would be just as time consuming as brute-forcing one character at a time.

Sure, it might not have much entropy. But unless two people are relying on RNG's that aren't random and both come up with the same numbers, using low entropy isn't going to make it much easier for someone to brute force your password (if it's long enough). 
hero member
Activity: 798
Merit: 1000
Who's there?
Are you sure you will be able to correctly recall the 12 random words from Electrum in, say, 10 years time?

Why not use something you've been already remembering for years?
Say, surnames(or nicknames) of your (girl/boy/best)friends, in chronological order.

There are a lot of surnames, so they have bigger entropy than words from Electrum (unless your friends are all Koreans Smiley), so you don't even need 12 names. Since password attacks are directed not personally at you, but at the whole population, it seems to be quite safe way. And if you keep your private life private, even attack directed personally at you won't be successful.
legendary
Activity: 3710
Merit: 1586
Don't create your own passphrase. Use electrum and it will make one for you. Memorize that.

If you want to know why creating your own passphrase is a bad idea please see below:


BIP∞: Brainwallets.

FOR GODS SAKE. DON'T DO IT.  YOU MAY THINK YOU ARE SMART ENOUGH. SO DID EVERYONE ELSE WHO GOT ROBBED. HUMANS ARE NOT A GOOD SOURCE OF ENTROPY.

YOU HAVE A SCHEME?  Pfft. THE SPACE OF ALL SCHEMES YOU'RE LIKELY TO HAVE PROBABLY ONLY HAS A FEW BITS OF ENTROPY. RANDOM PHRASE IN A BOOK? THERE ARE ONLY ABOUT 30 BITS OF SENTENCE SELECTION IN A LIBRARY.

OH NO. YOU ARE NOT LISTENING TO ME, ARE YOU?

OH CRAP. YOU THINK THAT "EIGHT CHARACTERS AND ONE FROM EACH CHARACTER CLASS" APPLIES HERE??  WEBSITE SECURITY MIGHT HAVE TO DEAL WITH 1000 ATTEMPTS PER SECOND, BUT SOME DUDE WITH A FPGA FARM IS PROBABLY PRECOMPUTING A BILLION BRAINWALLETS PER SECOND. JUST STOP.

NOOOOOOOOOOOO.

Well, now that you have no more Bitcoin I guess we don't have to worry about you using a brainwallet.

Cheers.


hero member
Activity: 504
Merit: 500
Hey guys,

I am looking for a solution where I can store my Bitcoins with a brain wallet pass phrase.

I am looking for tips on what characteristics make a good brain wallet, and how many words it should be.

How secure is this?

Would something along the lines of:

america banana cast dominican equator frenchfry guacamole honduras 12345678

How safe is that?

Also, can you please give me some tips on how I can create a safe brain wallet. Right now the stereotype is that brain wallets are not safe, but its not that they aren't safe, its that the passwords people choose are not safe. So I would like to get some input.
1. Brainwallet used just as deterministic wallet if the entropy source is low or compromised in the working environment. Here it is not necessary that you memorize the passphrase just the unpredictable and high-randomness aspect of the passphrase.
- Generate a random passphrase.
- Take half of the passphrase and intersect the same amount of characters in an unpredictable way.
- Eventually make a hash of it as 3. step and take that hash value as passphrase.
This way will be awoided that you choose some week passphrase and the passphrase generators eventually weekness also.
2. Brainwallet used with human mind memorable passphrase.
- write down your main email address (eventually add your name also) - this part to make hard to bruteforce all passphrases on a global level
- add a random passphrase easy memorable for you - not to short and not in a predictable schema
- stretch it with bcrypt 12 rounds - to limit the brute force attacking speed
Use the obtained hash as input value to generate a keypair or a keypair list or chain.
Newer reuse(at least by a higher BTC amount than 1 BTC on an address) the same address.
It is also recommended to generate the keypairs from your passphrase with an amnesic live OS without internet connection and save only the addresses ona USB stick if you want to use the brainwallet as longterm saving. (If you want to use your coins more actively then you need to import the keys in an encrypted wallet.)
Transfer the amounts on your generated addresses and the wallet(if you imported the keys) from the USB to your active computer .
Pages:
Jump to: